[Ach] nogotofail

Aaron Zauner azet at azet.org
Tue Nov 4 19:30:57 CET 2014


Just spotted a recently open-sourced project by Google:

Nogotofail is a network security testing tool designed to help
developers and security researchers spot and fix weak TLS/SSL
connections and sensitive cleartext traffic on devices and
applications in a flexible, scalable, powerful way. It includes
testing for common SSL certificate verification issues, HTTPS and
TLS/SSL library bugs, SSL and STARTTLS stripping issues, cleartext
issues, and more.


Excellent idea.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20141104/a35436c3/attachment.sig>

More information about the Ach mailing list