Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/BishopFox/ca-clone

Scripts to clone CA certificates for use in HTTPS client attacks.
https://github.com/BishopFox/ca-clone

mitm pentesting reverse-engineering security-tools

Last synced: 5 days ago
JSON representation

Scripts to clone CA certificates for use in HTTPS client attacks.

Host: GitHub
URL: https://github.com/BishopFox/ca-clone
Owner: BishopFox
License: gpl-3.0
Created: 2020-03-25T18:55:33.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2020-03-26T19:55:52.000Z (over 4 years ago)
Last Synced: 2024-07-03T09:21:58.318Z (4 months ago)
Topics: mitm, pentesting, reverse-engineering, security-tools
Language: Shell
Homepage: https://labs.bishopfox.com/tech-blog/breaking-https-in-the-iot
Size: 20.5 KB
Stars: 32
Watchers: 4
Forks: 22
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# CA Cloning Scripts
Scripts to clone CA certificates for use in HTTPS client attacks. Currently includes scripts to clone a root Comodo CA, and a Digicert CA, both of which are fairly widely trusted in IoT devices.

## Usage
* Run either script in place to automatically generate a key and certificate. In general, you only need to run one or the other, but both are included here in case you suspect a specific CA is needed.
* Import the generated P12 into your HTTPS proxy.
* In Burp, this is done by importing the P12 file as a CA Certificate under Proxy -> Options. Don't forget to backup your current CA!