All Projects → dlenski → what-vpn

dlenski / what-vpn

Licence: other
Identify servers running various SSL VPNs based on protocol-specific behaviors

Programming Languages

python
139335 projects - #7 most used programming language

Projects that are alternatives of or similar to what-vpn

Fpnd
Python package for freepn network daemon
Stars: ✭ 271 (+1029.17%)
Mutual labels:  vpn, network-security
Trustme
#1 quality TLS certs while you wait, for the discerning tester
Stars: ✭ 355 (+1379.17%)
Mutual labels:  tls, testing-tools
Ivre
Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (+9612.5%)
Mutual labels:  network-discovery, network-security
Scapy
Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
Stars: ✭ 6,932 (+28783.33%)
Mutual labels:  network-discovery, network-security
Internet.nl
Internet standards compliance test suite
Stars: ✭ 56 (+133.33%)
Mutual labels:  tls, testing-tools
Leaf
A lightweight and fast proxy utility tries to include any useful features.
Stars: ✭ 530 (+2108.33%)
Mutual labels:  tls, vpn
Tlsfuzzer
SSL and TLS protocol test suite and fuzzer
Stars: ✭ 335 (+1295.83%)
Mutual labels:  tls, testing-tools
SaltwaterTaffy
An nmap wrapper library for .NET
Stars: ✭ 44 (+83.33%)
Mutual labels:  network-discovery, network-security
Softethervpn
Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.
Stars: ✭ 8,531 (+35445.83%)
Mutual labels:  tls, vpn
Subnet
Simple, auditable & elegant VPN, built with TLS mutual authentication and TUN.
Stars: ✭ 1,040 (+4233.33%)
Mutual labels:  tls, vpn
cryptonice
CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration…
Stars: ✭ 91 (+279.17%)
Mutual labels:  tls, tls-scan
ivre
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (+11200%)
Mutual labels:  network-discovery, network-security
libanonvpn
Library for TUN and TAP devices over I2P in Go Applications
Stars: ✭ 35 (+45.83%)
Mutual labels:  vpn
linux-cli-community
Linux command-line client for ProtonVPN. Written in Python.
Stars: ✭ 1,166 (+4758.33%)
Mutual labels:  vpn
android
Android eduVPN application
Stars: ✭ 80 (+233.33%)
Mutual labels:  vpn
Open2Nord
A Python script that makes connecting to NordVPN servers through OpenVPN GUI a lot easier, and adds extra functionality
Stars: ✭ 22 (-8.33%)
Mutual labels:  vpn
DeepfakeHTTP
DeepfakeHTTP is a web server that uses HTTP dumps as a source for responses.
Stars: ✭ 373 (+1454.17%)
Mutual labels:  testing-tools
VPNStatus
VPNStatus, a replacement for macOS builtin VPN Status
Stars: ✭ 107 (+345.83%)
Mutual labels:  vpn
gonids
gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
Stars: ✭ 140 (+483.33%)
Mutual labels:  network-security
testkube
☸️ Kubernetes-native framework for test definition and execution
Stars: ✭ 172 (+616.67%)
Mutual labels:  testing-tools

License: GPL v3 Build Status PyPI

what-vpn

Identifies servers running various SSL VPNs. (They should really be called "TLS-based" VPNs, but "SSL VPN" has become the de facto standard jargon.) Currently it can recognize…

  • Cisco AnyConnect and OpenConnect (ocserv)
  • Juniper Network Connect/Pulse
  • PAN GlobalProtect
  • Barracuda Networks
  • Check Point
  • Microsoft SSTP
  • OpenVPN
  • Fortinet
  • Array Networks
  • F5 BigIP
  • SonicWall NX

Install

Requires Python 3, pip, and requests:

$ pip3 install https://github.com/dlenski/what-vpn/archive/master.zip
...
$ what-vpn
usage: what-vpn [-h] [-k] [-t SEC] [-v | -c] server [server ...]
what-vpn: error: the following arguments are required: server

Examples

$ what-vpn vpn.colorado.edu vpn.northeastern.edu \
    vpn.tnstate.edu vpn.smith.edu vpn.caltech.edu \
    vpn.yale.edu vpn.drew.edu vpn.uca.edu vpn.simmons.edu \
    vpn.nl.edu cpvpn.its.hawaii.edu ssl-vpn.***.com
vpn.colorado.edu: AnyConnect/OpenConnect (Cisco)
vpn.northeastern.edu: PAN GlobalProtect (portal)
vpn.tnstate.edu: PAN GlobalProtect (portal+gateway)
vpn.smith.edu: Juniper Network Connect
vpn.caltech.edu: AnyConnect/OpenConnect (Cisco, ASA (9.1(6)6))
vpn.yale.edu: AnyConnect/OpenConnect (Cisco, ASA (8.4(5)))
vpn.uca.edu: Barracuda (2017)
vpn.simmons.edu: Check Point (2015, 20%)
vpn.nl.edu: Check Point
cpvpn.its.hawaii.edu: Check Point
vpn.***.com: Array Networks (40%)
ssl-vpn.***.com: no match

$ what-vpn -kv vpn.***.com

Sniffing ***.***.com ...
  Is it AnyConnect/OpenConnect? ocserv, 0.8.0-0.11.6
  Is it Juniper Network Connect? no match
  Is it PAN GlobalProtect? no match
  Is it Barracuda? no match
  Is it Check Point? no match
  Is it SSTP? no match
  Is it OpenVPN? no match
  => AnyConnect/OpenConnect (ocserv, 0.8.0-0.11.6)

Interesting results

An interesting question for the open source community, including the indispensable OpenConnect (which I also contribute to) is…

What are the most commonly-used SSL VPN protocols in the real world?

2019 results

In April 2019, I took a list of major universities and companies in the USA, and generated some guesses for the hostnames of their VPN endpoints (e.g. {vpn,ssl-vpn,sslvpn}.*.{edu,com}). I then used what-vpn to probe them all and looked at the subset of the results that matched to an identifiable SSL VPN protocol:

  1  Check Point
  1  Citrix (manually inspected, don't know how to reliably autodetect)
  1  OpenVPN
  5  Dell or SonicWall (manually inspected, didn't know how to reliably autodetect at the time
  7  Fortinet
  7  Barracuda
  8  F5 (manually inspected, didn't know how to reliably autodetect at this time)
 14  SSTP
 53  PAN GlobalProtect (portal and/or gateway)
 72  Juniper Network Connect (or Junos/Pulse, hard to distinguish)
243  Cisco AnyConnect (including 1 ocserv)

Assuming these results are roughly representative of “SSL VPN” deployments in general (at least in the USA), they show that OpenConnect already supports the top 3 most commonly-encountered SSL VPN protocols, or about 80% of SSL VPNs. Additionally Microsoft SSTP is supported by the open-source sstp-client, and of course OpenVPN is well-supported by open-source clients as well.

(Excerpted from this post on the OpenConnect mailing list)

2021 results

I repeated this analysis in February 2021 (after having implemented F5, SonicWall NX, and Array Networks sniffers, and having improved several others). This time, I expanded the pool of names to include {vpn,ssl-vpn,sslvpn,remote,vpn2,new.vpn,access}.*.{edu,com}. Here are the 2021 results for servers that matched to an identifiable SSL VPN protocol:

  1  Array Networks
  4  Barracuda
  4  Check Point
  6  SonicWall NX
  8  OpenVPN
 14  SSTP
 21  F5 BigIP
 29  Fortinet
 83  Pulse Secure (most also support the older Juniper protocol)
103  PAN GlobalProtect (includes 7 servers that behave in a slightly odd way)
298  Cisco AnyConnect (no ocserv found this time)

We've recently added support in OpenConnect for Fortinet and F5 BigIP (with support for SonicWall NX coming soon). Combined with AnyConnect, GlobalProtect, and Pulse/Juniper, this means that OpenConnect now supports 5 of the most highly-used SSL VPN protocols.

Assuming again that these results are roughly representative of “SSL VPN” deployments in general (at least in the USA). That means that OpenConnect now supports almost 93% of SSL VPNs in real-world use.

TODO

  • Identify non-SSL/TLS-based VPNs? (e.g. IPSEC, à la ike-scan)
  • Identify more SSL VPNs: Citrix, Dell… any others?
    • Fix apparent false-negatives for some SonicWall servers
  • Identify specific versions or flavors of VPN servers?
  • Better confidence levels?

License

GPLv3 or later

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].