Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Online "Passive" Info Gathering Tools
Date: Fri Oct 17 2003 - 17:40:42 CDT
I have been working to bring together a number of links/forms together to make it simpler to carryout "passive" information gathering phases during an assessment. While there is a vast number of online tools - I have gatherd togther some of my favourites - but I can't appear to find one specific online tool that would be quite useful in alot of cases... specially in the precursor to web application assessments.
Does anyone know of, or have, a link to a site that does the following:
1. given an website running HTTPS - can display (and perferably analyse) the SSL certificate in a nice way.
2. connect to website running HTTPS - and chck what versions and encryption levels the server handles (e.g. SSL v.2, SSL v.3, TLS, 40 bit, 56 bit....)
3. (or more flexibly) given a DNS name and specific port - identify the version of SSL/certificate.
While there are a number of tools that can do this (such as Nessus) - are there any sites around that provide this level of SSL/HTTPS analysis. Perferably, the hosting site should be reliable and be around for more than a couple of months (trustworthy would be nice too). :-)
For those interested, the current collection of tools (and their righful owners links) can be found at: http://www.technicalinfo.net/tools/index.html