UPDATE: Newer version of sslcaudit is available here.
Here is sslcaudit v1.0 RC1. The goal of the project is to develop a utility to automate testing SSL/TLS clients for resistance against MITM attacks. The project is GPL-licensed, source code hosted at github. PDF user guide is available at here.
INTRODUCTION
The goal of sslcaudit project is to develop a utility to automate testing SSL/TLS clients for resistance against MITM attacks. It might be useful for testing a thick client, a mobile application, an appliance, pretty much anything communicating over SSL/TLS over TCP.
INSTALLATION
There is no procedure for installation yet. Just grab the code:
• Download ZIP archive at http://github.com/grwl/sslcaudit/zipball/release_1_0_rc1
• Or clone leading edge master GIT repository: git clone git://github.com/grwl/sslcaudit.git
• Find sslcaudit in the top level directory and run it with -h option.
PDF user guide is available at here, you should consider reading it.
Sslcaudit uses M2Crypto Python library. If you dependencies problem, you might see following:
$ ./sslcaudit
Traceback (most recent call last):
...
ImportError: No module named M2Crypto
On Debian system M2Crypto library can be installed with the following command:
$ sudo apt-get install python-m2crypto
LICENSING
GPLv3, see COPYING.