{"id":13584785,"url":"https://github.com/OWASP/O-Saft","last_synced_at":"2025-04-07T05:35:34.934Z","repository":{"id":6041347,"uuid":"7265826","full_name":"OWASP/O-Saft","owner":"OWASP","description":"O-Saft  - OWASP SSL advanced forensic tool","archived":false,"fork":false,"pushed_at":"2025-03-18T23:02:36.000Z","size":61286,"stargazers_count":377,"open_issues_count":11,"forks_count":86,"subscribers_count":32,"default_branch":"master","last_synced_at":"2025-04-01T07:44:19.988Z","etag":null,"topics":["certificate","ciphers","perl","ssl","tls"],"latest_commit_sha":null,"homepage":"","language":"Perl","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OWASP.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"custom":"https://owasp.org/donate/?reponame=www-project-o-saft\u0026title=OWASP+O-Saft","github":"OWASP"}},"created_at":"2012-12-20T23:03:58.000Z","updated_at":"2025-03-21T01:43:17.000Z","dependencies_parsed_at":"2024-04-11T03:00:23.452Z","dependency_job_id":"20bd21ff-cbff-4f77-9c91-35536e3e8ba6","html_url":"https://github.com/OWASP/O-Saft","commit_stats":{"total_commits":6898,"total_committers":11,"mean_commits":627.0909090909091,"dds":"0.030878515511742588","last_synced_commit":"9407e4c0bba19614d9ab1841f85dfe33272f0ee4"},"previous_names":[],"tags_count":27,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2FO-Saft","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2FO-Saft/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2FO-Saft/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OWASP%2FO-Saft/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OWASP","download_url":"https://codeload.github.com/OWASP/O-Saft/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247601448,"owners_count":20964862,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certificate","ciphers","perl","ssl","tls"],"created_at":"2024-08-01T15:04:31.305Z","updated_at":"2025-04-07T05:35:29.920Z","avatar_url":"https://github.com/OWASP.png","language":"Perl","funding_links":["https://owasp.org/donate/?reponame=www-project-o-saft\u0026title=OWASP+O-Saft","https://github.com/sponsors/OWASP"],"categories":["Perl","Forensics"],"sub_categories":["Steganography"],"readme":"\n----\n|   |\n|:--|\n| Any use of this project's code by GitHub Copilot,  past or present, is done without our permission. We do not consent to GitHub's use of this project's code in Copilot. |\n|   |\n----\n\n# [ O-Saft - OWASP SSL advanced forensic tool](https://owasp.org/www-project-o-saft/)\n\n**Download [Version 24.01.24](https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz)**\n\n## QUICK START\n\n```\n  o-saft.pl --help\n  o-saft.pl +check  your.tld\n  o-saft.pl +info   your.tld\n  o-saft.pl +quick  your.tld\n  o-saft.pl +cipher your.tld\n  o-saft.pl --help=commands\n\n  o-saft.tcl      # (simple GUI; requires Tcl/Tk 8.5 or newer)\n\n  o-saft-docker   # (simple wrapper to call o-saft.pl in docker image)\n\n  o-saft          # (simple wrapper to call o-saft.pl or o-saft.tcl or o-saft-docker)\n```\n\n## DESCRIPTION\n\nThis tools lists  information about remote target's  SSL  certificate\nand tests the remote target according given list of ciphers.\n\n## UNIQUE FEATURES\n\n* working in closed environments, i.e. without internet connection\n* checking availability of ciphers independent of installed library\n* checking for all possible ciphers (up to 65535 per SSL protocol)\n* needs just perl without modules for checking ciphers and protocols\n* mainly same results on all platforms\n\n## WHY?\n\nWhy a new tool for checking SSL  when there already exist a dozens or\nmore good tools in 2012? Some (but not all) reasons are:\n\n* lack of tests of unusual ciphers\n* different results returned for the same check on same target\n* missing functionality (checks) according modern SSL/TLS\n* lack of tests of unusual (SSL, certificate) configurations\n* (mainly) missing feasability to add own tests\n\nFor more details, please use:\n\n```\n  o-saft.pl --help\n```\nor read the source ;-)\n\n## TARGET AUDIENCE\n\n* penetration testers\n* administrators\n\n## INSTALLATION\n\n`o-saft.pl` requires following Perl modules:\n\n| Module               | Version |\n|:---------------------|:--------|\n| `Net::SSLeay`        | (prefered \u003e= 1.51, recommended 1.85)     |\n| `IO::Socket::SSL`    | (prefered \u003e= 1.37, recommended 2.002)    |\n| `IO::Socket::INET`   | (prefered \u003e= 2.31)  |\n| `Net::DNS`           | (prefered \u003e= 0.65, for --mx option only) |\n\nIt can be executed from within the unpacked or cloned directory,\ninstallation is not necessary. However, a  `INSTALL.sh`  script will be\nprovided, which can be called as follows:\n\n```\n  INSTALL.sh /path/to/install\n  INSTALL.sh --check\n```\nFor more details on installation, please see:\n```\n  INSTALL.sh --help\n```\n\nThere're no dependencies to other Perl modules for `checkAllCiphers.pl`\nso the test of all ciphers will work with it.\nThe modules  `SSLinfo`,  `SSLhello`  beside som others, are part of the tool\nand should be installed in  `./lib` .\n\nFollowing files are optional:\n\n| File / Tool          | Description |\n|:---------------------|:------------|\n| `.o-saft.pl`         | (private user configuration) |\n| `.o-saft.tcl`        | (private user configuration for GUI) |\n| `lib/OTrace.pm`      | (functions for debugging) |\n| `lib/OMan.pm`        | (documentation and generation functions) |\n| `doc/o-saft.pod`     | (documentation in POD format) |\n| `lib/o-saft-img.tcl` | (images for buttons in GUI) |\n| `checkAllCiphers.pl` | (simple script for checking all ciphers) |\n| `usr/*`              | (additional programs and tools) |\n\n## Sources \n* Project home is https://www.owasp.org/index.php/O-Saft\n* Project repo is https://github.com/OWASP/O-Saft\n* Historic Project home https://www.owasp.org/index.php/Projects/O-Saft\n\u003c!--\n* Project roadmap https://www.owasp.org/index.php/Projects/O-Saft/Roadmap\n--\u003e\n\nGet a Copy (latest stable release)\n```\n  wget https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz\n```\n\nGet a Copy (development version)\n```\n  git clone https://github.com/OWASP/O-Saft.git\n  git clone git@github.com:OWASP/O-Saft.git\n```\n\nGet Docker Image (latest stable release)\n```\n  docker pull owasp/o-saft\n```\n\n## VERSION\n\n**24.06.24**\n\nThe version of the tarball `o-saft.tgz` represents the version listed on top\nherein. All other files in the repository may be ahead of this tarball version.\n\nSHA256 checksum of [o-saft.tgz](https://github.com/OWASP/O-Saft/raw/master/o-saft.tgz)\n```\n3f3eb35982717931cd23f384b378c77c07b0ce75fa5341ede574a3e153c9b48d\n```\n\n[//]: # (above checksum for version 23.11.23)\n\u003c!--\n# comment not rendered in HTML\n--\u003e\n\nSHA256 checksum of docker image owasp/o-saft:latest and owasp/o-saft:18.11.18\n```\nb85423d142c186c1cf10494aa0e993f6f2030ab769977aca9584d7d650421697\n```\n\nNOTE that the checksums listed here are the previous versions if this\nfile is from  o-saft.tgz  itself, or inside the docker image.\n\n### Older version\n\nVersion 24.01.24 is a major redesign (refactoring) of the project. The top\ndirectory now contains the main tools only. All modules, documentation and\n(user) contributed tools are in sub-directories.\nThese changes are also reflected in the directories available at github.\n\nIf older versions should be used, please get the correspondig `o-saft.tgz`\nfrom github's releases, see:\n   [https://github.com/OWASP/O-Saft/releases](https://github.com/OWASP/O-Saft/releases) (as of January 2024).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOWASP%2FO-Saft","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FOWASP%2FO-Saft","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOWASP%2FO-Saft/lists"}