A2SV: Auto Scanning Tool To Find SSL Vulnerability
What is A2SV?
Its an Auto Scanning tool to find SSL Vulnerability and its featured with HeartBleed, CCS Injection, SSLv3 POODLE, FREAK… etc
A. Support Vulnerability
[CVE-2014-0160] CCS Injection
[CVE-2014-0224] HeartBleed
[CVE-2014-3566] SSLv3 POODLE
[CVE-2015-0204] FREAK Attack
[CVE-2015-4000] LOGJAM Attack
[CVE-2016-0703] SSLv2 DROWN
B. Dev Plan
[PLAN] SSL ACCF
2. How to Install?
A. Download(clone) & Unpack A2SV
git clone https://github.com/hahwul/a2sv.git
cd a2sv
B. Install Python Package / OpenSSL
pip install argparse
pip install netaddr
apt-get install openssl
C. Run A2SV
python a2sv.py -h
3. How to Use?
usage: a2sv.py [-h] [-t TARGET] [-p PORT] [-m MODULE] [-v]
Optional arguments:
-h, –help show this help message and exit
-t TARGET, –target TARGET
Target URL/IP Address
-p PORT, –port PORT Custom Port / Default: 443
-m MODULE, –module MODULE
Check SSL Vuln with one module
[h]: HeartBleed
[c]: CCS Injection
[p]: SSLv3 POODLE
[f]: OpenSSL FREAK
[l]: OpenSSL LOGJAM
[d]: SSLv2 DROWN
-u, –update Update A2SV (GIT)
-v, –version Show Version
[Scan SSL Vulnerability]
python a2sv.py -t 127.0.0.1
python a2sv.py -t 127.0.0.1 -m heartbleed
python a2sv.py -t 127.0.0.1 -p 8111
[Update A2SV]
python a2sv.py -u
python a2sv.py –update
0 comments: