Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/hahwul/a2sv

Auto Scanning to SSL Vulnerability
https://github.com/hahwul/a2sv

hacking scanner security ssl vulnerability

Last synced: about 1 month ago
JSON representation

Auto Scanning to SSL Vulnerability

Host: GitHub
URL: https://github.com/hahwul/a2sv
Owner: hahwul
License: mit
Archived: true
Created: 2016-01-25T07:15:37.000Z (almost 9 years ago)
Default Branch: master
Last Pushed: 2020-12-12T05:10:10.000Z (about 4 years ago)
Last Synced: 2024-08-01T09:23:37.563Z (4 months ago)
Topics: hacking, scanner, security, ssl, vulnerability
Language: Python
Size: 157 KB
Stars: 617
Watchers: 45
Forks: 167
Open Issues: 16
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

WebHackersWeapons - a2sv
awesome-hacking-lists - hahwul/a2sv - Auto Scanning to SSL Vulnerability (Python)

README

        [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg)](https://opensource.org/licenses/MIT)



## 1. A2SV?

Auto Scanning to SSL Vulnerability.

HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc 

A. Support Vulnerability

```

- CVE-2007-1858] Anonymous Cipher

- CVE-2012-4929] CRIME(SPDY)

- CVE-2014-0160] CCS Injection

- CVE-2014-0224] HeartBleed

- CVE-2014-3566] SSLv3 POODLE

- CVE-2015-0204] FREAK Attack

- CVE-2015-4000] LOGJAM Attack

- CVE-2016-0800] SSLv2 DROWN

```

 

B. Dev Plan

```

- PLAN] SSL ACCF

- PLAN] SSL Information Analysis

```

## 2. How to Install?

A. Download(clone) & Unpack A2SV

```

$ git clone https://github.com/hahwul/a2sv.git

$ cd a2sv

```

B. Install Python Package / OpenSSL

```

$ pip install argparse

$ pip install netaddr

$ apt-get install openssl

```

C. Run A2SV

```

$ python a2sv.py -h

```

## 3. How to Use?

```

usage: a2sv [-h] [-t TARGET] [-tf TARGETFILE] [-p PORT] [-m MODULE]

[-d DISPLAY] [-u] [-v]

optional arguments:

  -h, --helpshow this help message and exit

  -t TARGET, --target TARGET

Target URL and IP Address

 $ e.g -t 127.0.0.1

  -tf TARGETFILE, --targetfile TARGETFILE

Target file(list) URL and IP Address

 $ e.g -tf ./target.list

  -p PORT, --port PORT  Custom Port / Default: 443

 $ e.g -p 8080

  -m MODULE, --module MODULE

Check SSL Vuln with one module

[anonymous]: Anonymous Cipher

[crime]: Crime(SPDY)

[heart]: HeartBleed

[ccs]: CCS Injection

[poodle]: SSLv3 POODLE

[freak]: OpenSSL FREAK

[logjam]: OpenSSL LOGJAM

[drown]: SSLv2 DROWN

  -d DISPLAY, --display DISPLAY

Display output

[Y,y] Show output

[N,n] Hide output

  -o OUT, --out OUT Result write to file

 $ e.g -o /home/yourdir/result.txt

  -u, --update  Update A2SV (GIT)

  -v, --version Show Version

```

[Scan SSL Vulnerability]

```

$ python a2sv.py -t 127.0.0.1

$ python a2sv.py -t 127.0.0.1 -m heartbleed

$ python a2sv.py -t 127.0.0.1 -d n

$ python a2sv.py -t 127.0.0.1 -p 8111

$ python a2sv.py -tf target_list.txt

```

[Update A2SV]

```

$ python a2sv.py -u

$ python a2sv.py --update

```

## 4. Support

The answer is very slow because it's a project that I could't careful about.

## 5. Donate

I like coffee! I'm a coffee addict.






## 6. Screen shot





## 7. Code Reference Site

```

- poodle : https://github.com/supersam654/Poodle-Checker

- heartbleed : https://github.com/sensepost/heartbleed-poc

- ccs injection : https://github.com/Tripwire/OpenSSL-CCS-Inject-Test

- freak : https://gist.github.com/martinseener/d50473228719a9554e6a