GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → syncsynchalt → Tincan Tls

syncsynchalt / Tincan Tls

A cleanroom implementation of TLS 1.3

Programming Languages

go
31211 projects - #10 most used programming language

Labels

netsectls13

Projects that are alternatives of or similar to Tincan Tls

active-scanning-techniques
A compilation of network scanning strategies to find vulnerable devices
Stars: ✭ 61 (+238.89%)
Mutual labels:  netsec
avain
A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (+211.11%)
Mutual labels:  netsec
Illustrated Tls13
The Illustrated TLS 1.3 Connection: Every byte explained
Stars: ✭ 372 (+1966.67%)
Mutual labels:  tls13
art-of-packet-crafting-with-scapy
A workshop on Packet Crafting using Scapy.
Stars: ✭ 123 (+583.33%)
Mutual labels:  netsec
Home-Lab
This is the network diagrams, configuration guides, and hardware used for my home lab.
Stars: ✭ 62 (+244.44%)
Mutual labels:  netsec
Sysmon Config
Sysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+18161.11%)
Mutual labels:  netsec
mos-tls-tunnel
Archived. Check this out https://github.com/IrineSistiana/simple-tls
Stars: ✭ 21 (+16.67%)
Mutual labels:  tls13
Lsquic
LiteSpeed QUIC and HTTP/3 Library
Stars: ✭ 727 (+3938.89%)
Mutual labels:  tls13
maalik
Feature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (+316.67%)
Mutual labels:  netsec
Tlsfuzzer
SSL and TLS protocol test suite and fuzzer
Stars: ✭ 335 (+1761.11%)
Mutual labels:  tls13
wolfssl-py
Python wrapper for wolfSSL embedded SSL/TLS library.
Stars: ✭ 30 (+66.67%)
Mutual labels:  tls13
ssldump
ssldump - (de-facto repository gathering patches around the cyberspace)
Stars: ✭ 160 (+788.89%)
Mutual labels:  tls13
Evebox
Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
Stars: ✭ 286 (+1488.89%)
Mutual labels:  netsec
edge
Application-embedded connectivity and zero-trust components
Stars: ✭ 44 (+144.44%)
Mutual labels:  netsec
Nmap
Idiomatic nmap library for go developers
Stars: ✭ 391 (+2072.22%)
Mutual labels:  netsec
tttls1.3
TLS 1.3 implementation in Ruby (Tiny Trial TLS1.3 aka tttls1.3)
Stars: ✭ 14 (-22.22%)
Mutual labels:  tls13
xquic
XQUIC Library released by Alibaba is a cross-platform implementation of QUIC and HTTP/3 protocol.
Stars: ✭ 943 (+5138.89%)
Mutual labels:  tls13
Docker Nginx Http3
Alpine Linux image with Nginx 1.19.4 (mainline) with HTTP/3 (QUIC), TLSv1.3, 0-RTT, brotli, NJS support, and 10 MB size. All built on the bleeding edge for max performance. Built on the edge, for the edge.
Stars: ✭ 820 (+4455.56%)
Mutual labels:  tls13
Gorsair
Gorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+3666.67%)
Mutual labels:  netsec
Wolfmqtt
wolfMQTT is a small, fast, portable MQTT client implementation, including support for TLS 1.3.
Stars: ✭ 316 (+1655.56%)
Mutual labels:  tls13
View All Similar Projects ➔

tincan-tls

Lover's telephone

This is a soup-to-nuts implementation of TLS 1.3 created by staring at documents for hours until code came out. The single goal was to establish a valid TLS session by any means possible and trick servers into talking to me.

This code is crude and lumpy and ugly. This is intentional and should serve as a warning to others: this code is not usable for real work. In particular the crypto code is slow and full of timing side-channels. Any attempts to clean things up will be viewed as an attempt to trick someone else into using this code and will be rejected.

To win a bet I implemented this with as few dependencies as possible. The crypto library has only one dependency, crypto/rand. This caused some code to be particularly un-golangly as I couldn't create error objects.

Note: The above paragraphs are examples of bad software practices.

Usage

Build and run with the following:

go get github.com/syncsynchalt/tincan-tls/cmd/tincan-client
export PATH=$PATH:~/go/bin
tincan-client host port

Algorithms

The following algorithms were built for this implementation:

  • SHA-256 message digest - RFC 6234
  • HMAC message authentication codes - RFC 2104
  • AES-128 symmetric cipher - FIPS 197
  • curve25519 (a particular elliptic curve) - RFC 7748
  • ECDHE (Elliptic Curve Diffie-Hellman with Ephemeral keys) - RFC 4492
  • GCM (Galois/Counter Mode) - NIST SP 800-38D
  • HKDF (HMAC Key Derivation Function) - RFC 5869
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].