SSL Archives - 7ASecurity Blog https://7asecurity.com/blog/ Helping you secure apps and websites Fri, 28 Mar 2025 10:17:55 +0000 en-US hourly 1 https://7asecurity.com/blog/contents/uploads/2019/06/favicon.ico SSL Archives - 7ASecurity Blog https://7asecurity.com/blog/ 32 32 Hacking Mandated Apps – Part 3: What is SSL? [ MSTG-NETWORK-1 ] https://7asecurity.com/blog/2019/09/hacking-government-mandated-apps-part-3-what-is-ssl/ Tue, 03 Sep 2019 00:19:16 +0000 Previous blog posts you might have missed and maybe you would like to read first for background: Part 1: Intro Part 2: Translating APKs The OWASP Mobile Application Security Verification Standard classifies the flaw explained in this blog post, under section V5: Network Communication Requirements, as follows: MSTG-NETWORK-1: Data is encrypted on the network using …

The post Hacking Mandated Apps – Part 3: What is SSL? [ MSTG-NETWORK-1 ] appeared first on 7ASecurity Blog.

]]> Test your SSL: TLSSLed v1.2 released! https://7asecurity.com/blog/2011/10/test-your-ssl-tlssled-v12-released/ Wed, 19 Oct 2011 21:12:00 +0000 I have decided to stop swearing when tools don’t work and fixing them or implementing my improvements and then send them to the tool author instead. The point is to give back to the community since after all the community gave it to me for free first :). As part of this initiative as I was …

The post Test your SSL: TLSSLed v1.2 released! appeared first on 7ASecurity Blog.

]]> Testing for SSL-TLS (OWASP-CM-001) https://7asecurity.com/blog/2011/07/testing-for-ssl-tls-owasp-cm-001/ Sat, 16 Jul 2011 01:17:00 +0000 A nice tool for SSL cipher testing is this Perl script: ssl-cipher-check.pl, however, in Backtrack and also on other distros you may get this error the first time you run it: ssl-cipher-check.pl -vw my.exampledomain.com 443 … ERROR: Unable to find /usr/bin/gnutls-cli-debug. Please install the gnutls-devel package To avoid that simply install the missing package as …

The post Testing for SSL-TLS (OWASP-CM-001) appeared first on 7ASecurity Blog.

]]> Setting up stunnel in client mode in Backtrack 4 / Ubuntu https://7asecurity.com/blog/2011/03/setting-up-stunnel-in-client-mode-in/ Fri, 11 Mar 2011 04:55:00 +0000 This blog post will explain how to configure stunnel to allow non-SSL speaking tools (like for example netcat) to communicate with SSL protocols, in our example we will use HTTPS. Before stunnel, direct attempt of using a non-SSL tool: # nc www.example.com 443 HEAD / HTTP/1.0 .. 400 Bad Request Bad Request Your browser sent …

The post Setting up stunnel in client mode in Backtrack 4 / Ubuntu appeared first on 7ASecurity Blog.

]]>