https://github.com/a11rew/sha-assist

🕵️ SHA Assist: One command HTTPS Certificate fingerprinting library.
https://github.com/a11rew/sha-assist

hash md5 sha256 ssl tls

Last synced: 3 months ago
JSON representation

🕵️ SHA Assist: One command HTTPS Certificate fingerprinting library.

• Host: GitHub
• URL: https://github.com/a11rew/sha-assist
• Owner: a11rew
• License: mit
• Created: 2021-08-04T14:16:32.000Z (almost 5 years ago)
• Default Branch: master
• Last Pushed: 2021-11-27T16:01:27.000Z (over 4 years ago)
• Last Synced: 2026-01-14T09:28:11.100Z (5 months ago)
• Topics: hash, md5, sha256, ssl, tls
• Language: Python
• Homepage:
• Size: 43.9 KB
• Stars: 1
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# 🕵️ SHA Assist

## Easy SHA1, SHA256, SHA384, SHA512, MD5 HTTPS domain certificate fingerprinting.

Quick zero dependency fingerprinting with one command. sha_assist produces algorithmic hexadecimal hashes of public keys used in TLS/SSL connections' authentication. These hashes are useful in verifying the authenticity of recieved HTTPS certificates and are essential in thwarting MiTM attacks for example.

Out of the box, sha_assist exposes 5 key digests i.e. (SHA1, SHA256, SHA384, SHA512 and MD5) but can be easily extended using `hashlib.algorithms_available`.

See [Extensibility](#Extensibility)

Credit to [dlenski](https://gist.github.com/dlenski) for [ssl.SSLSocket patching](https://gist.github.com/dlenski/fc42156c00a615f4aa18a6d19d67e208)

## Installation

`git clone https://github.com/AndrewGlago/sha-assist.git && cd sha-assist`

## Usage and Options

`python3 ./sha_assist.py -d google.com -p 443`

![git](https://user-images.githubusercontent.com/87580113/128281173-12ab0604-2711-4633-b66c-81067d876e49.png)

Usage: sha_assist.py [OPTIONS]

| Options | Description |

| ------------------------- | ------------------------------------------------------------------ |

| -d or --domain [required] | [Text] Domain URL to be fingerprinted (eg. https://www.github.com) |

| -p, --port [optional] | [Integer] Port to establish connection on. Defaults to 443 |

**NOTE: URL must be prefixed with https://**

## Extensibility

sha-assist produces algorithmic digests using hash-lib. By extension, all methods exposed by `hashlib.algorithms_available` can be used to produce required digests.

Output is by default hex but can be adapted to binary by replacing ~.digestHex().