Release of sslcaudit v1.0 RC1

UPDATE: Newer version of sslcaudit is available here.

Here is sslcaudit v1.0 RC1. The goal of the project is to develop a utility to automate testing SSL/TLS clients for resistance against MITM attacks. The project is GPL-licensed, source code hosted at github. PDF user guide is available at here.

INTRODUCTION

The goal of sslcaudit project is to develop a utility to automate testing SSL/TLS clients for resistance against MITM attacks. It might be useful for testing a thick client, a mobile application, an appliance, pretty much anything communicating over SSL/TLS over TCP.

INSTALLATION

There is no procedure for installation yet. Just grab the code:
• Download ZIP archive at http://github.com/grwl/sslcaudit/zipball/release_1_0_rc1
• Or clone leading edge master GIT repository: git clone git://github.com/grwl/sslcaudit.git
• Find sslcaudit in the top level directory and run it with -h option.

PDF user guide is available at here, you should consider reading it.

Sslcaudit uses M2Crypto Python library. If you dependencies problem, you might see following:

$ ./sslcaudit
Traceback (most recent call last):
...
ImportError: No module named M2Crypto

On Debian system M2Crypto library can be installed with the following command:

$ sudo apt-get install python-m2crypto

LICENSING

GPLv3, see COPYING.