KeenRivals / Bugsite Index
Index of websites publishing bugs along the lines of heartbleed.com
Stars: ✭ 38
Projects that are alternatives of or similar to Bugsite Index
Cppserver
Ultra fast and low latency asynchronous socket server & client C++ library with support TCP, SSL, UDP, HTTP, HTTPS, WebSocket protocols and 10K connections problem solution
Stars: ✭ 528 (+1289.47%)
Mutual labels: ssl, tls
Certigo
A utility to examine and validate certificates in a variety of formats
Stars: ✭ 662 (+1642.11%)
Mutual labels: ssl, tls
Mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Stars: ✭ 25,495 (+66992.11%)
Mutual labels: ssl, tls
Ssl Proxy
🔒 Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-signed, provided)
Stars: ✭ 427 (+1023.68%)
Mutual labels: ssl, tls
Twisted
Event-driven networking engine written in Python.
Stars: ✭ 4,442 (+11589.47%)
Mutual labels: ssl, tls
Trustme
#1 quality TLS certs while you wait, for the discerning tester
Stars: ✭ 355 (+834.21%)
Mutual labels: ssl, tls
Beetlex
high performance dotnet core socket tcp communication components, support TLS, HTTP, HTTPS, WebSocket, RPC, Redis protocols, custom protocols and 1M connections problem solution
Stars: ✭ 802 (+2010.53%)
Mutual labels: ssl, tls
Netcoreserver
Ultra fast and low latency asynchronous socket server & client C# .NET Core library with support TCP, SSL, UDP, HTTP, HTTPS, WebSocket protocols and 10K connections problem solution
Stars: ✭ 799 (+2002.63%)
Mutual labels: ssl, tls
S2n Tls
s2n : an implementation of the TLS/SSL protocols
Stars: ✭ 4,029 (+10502.63%)
Mutual labels: ssl, tls
Pem
Create private keys and certificates with node.js
Stars: ✭ 496 (+1205.26%)
Mutual labels: ssl, tls
Illustrated Tls13
The Illustrated TLS 1.3 Connection: Every byte explained
Stars: ✭ 372 (+878.95%)
Mutual labels: ssl, tls
Testssl.sh
Testing TLS/SSL encryption anywhere on any port
Stars: ✭ 5,676 (+14836.84%)
Mutual labels: ssl, tls
Acme Client
Let's Encrypt / ACME client written in PHP for the CLI.
Stars: ✭ 337 (+786.84%)
Mutual labels: ssl, tls
Scapy Ssl tls
SSL/TLS layers for scapy the interactive packet manipulation tool
Stars: ✭ 354 (+831.58%)
Mutual labels: ssl, tls
Pyopenssl
A Python wrapper around the OpenSSL library
Stars: ✭ 701 (+1744.74%)
Mutual labels: ssl, tls
Mruby Tls
mruby wrapper for libtls from http://www.libressl.org/
Stars: ✭ 5 (-86.84%)
Mutual labels: ssl, tls
Overview
The goal of this project is to maintain a list of bug websites such as Heartbleed.com. Contributions welcome!
Websites
- Backronym.fail – allows for an attacker to downgrade and snoop on the SSL/TLS connection that MySQL client libraries use to communicate to a MySQL server.
- Badlock.org – MITM attack for samba in an Active Directory environment.
- BreachAttack.com – HTTPS information leak by compression. Related to CRIME.
- Dirty COW – a privilege escalation vulnerability in the Linux Kernel.
- DUHK Attack – devices using the ANSI X9.31 Random Number Generator (RNG) in conjunction with a hard-coded seed key allows attackers to recover the secret key.
- DrownAttack.com – attacks servers supporting modern TLS protocol suites by using their support for the obsolete, insecure, SSL v2 protocol.
- Factorable.net – widespread weak keys in network devices.
- FreakAttack.com – allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption
- GoToFail.com – certain Apple iOS versions did not check TLS certificate validity.
- Heartbleed.com – OpenSSL memory leak which could leak private keys.
- httpoxy.org – insecure handling of HTTP proxy environment variable in CGI applications.
- ImageTragick.com – remote code execution in imagemagick via user-submitted images.
- KRACKAttacks.com – WPA2 vulnerability resulting from nonce reuse that enables decryption of sent packets. In some cases this leads to MITM.
- MeltdownAttack.com - Information leak via broken isolation between priviledged and unpriviledged memory.
- OCSP Status Request - Allows exhaustion of server memory through OSCP Status Requests.
- Poodle.io – allows MITM attacker to downgrade TLS connections and decrypt SSLv3 connections.
- ROBOTAttack.org – Return of a 19-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server.
- SHAttered.io - Collision attack against SHA-1.
- SpectreAttack.com - Information leak via speculative execution behaviors in modern CPUs.
- Sweet32.info - Birthday attacks on 64-bit block ciphers in TLS and OpenVPN.
- WeakDH.org – applications which support DHE_EXPORT ciphers allow MITM via weak Diffie-Hellman keys.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].