drwetter Follow

Dirk Wetter drwetter

Hamburg, Germany
https://testssl.sh

Block or report user

Report or block drwetter

Contact Support about this user’s behavior.

Learn more about reporting abuse

Hamburg, Germany
https://testssl.sh

Block or report user

Report or block drwetter

Contact Support about this user’s behavior.

Learn more about reporting abuse

Pinned

testssl.sh

Testing TLS/SSL encryption anywhere on any port

Shell 3.8k 549
F5-BIGIP-Decoder

Detecting and decoding BIGIP cookies in bash

Shell 12 5
openssl-1.0.2.bad

Forked from PeterMosmans/openssl

Snapshot for testssl.sh >2.8 from PM's fork, ready to compile, incl. IPv6 support (for Unices only). Extra featured OpenSSL with borken things and newer ciphers

C 3 1
SecLists

Forked from danielmiessler/SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

PHP 3 2
sullo/nikto

Nikto web server scanner

Perl 3.6k 601
OWASP/Docker-Security

Getting a handle on container security

Dockerfile 214 42

775 contributions in the last year

Contribution activity

February 2020

drwetter has no activity yet for this period.

January 2020

drwetter/OWASP-wiki-md Jan 27

Created a pull request in drwetter/testssl.sh that received 2 comments

Shortcuts for vulnerability tests for TLS 1.3 only servers

Several vulnerability checks add a time penalty when the server side only support TLS 1.3 as The TLS 1.3 RFC 8446 and implementations known so far …

+127 −56 • 2 comments

Fix --ids-friendly Jan 30
Fix --ids-friendly Jan 30
Status update / mir rephrasing of key features Jan 30
Suppress displaying an error in maketempf() Jan 26
Reorder functions and some variables Jan 24
Documention update Jan 24
Squash the last futile -msg for $OPENSSL Jan 23
Move debugging remainders detection to t/00_testssl_help.t Jan 22
Further handshakes / minor changes Jan 22
add check for forgotten "set -x" + provide defined start conditions Jan 18
add also here -z Jan 17
Shortcuts for TLS13 only servers in renegotiation checks Jan 17
fix language Jan 17
fix missing -z Jan 17
Update attributions and changes for release Jan 17
Warning for handshake retrieved by Google apps Jan 16
Last fine tuning for http basic auth Jan 16
Add one second for 825 day validity test Jan 15
Reimplement mitigation check (renegotiation->node.js) Jan 15
Revert "Avoid false-positives when testing for CVE-2011-1473 / maximum of 3 renegotiation attempts" Jan 15
Try temp file creation in a different location Jan 14
bump version to final Jan 13
Update clienthandshakes Jan 13
Avoid conflict of parallel mass scanning + connect timeouts Jan 13
Update CA stores Jan 10
Some pull requests not shown.

Reorganize TLS 1.3 key derivation Jan 27
Add support for HTTP Basic Auth Jan 15

Created an issue in drwetter/testssl.sh that received 4 comments

Bad file descriptor (--connect-timeout + --parallel)

Just doing some parallel mass scanning. One is a Debian machine, one an Opensuse (Tumbleweed) box. On the latter it's hard to do any scan successfu…

4 comments

Newer Edge version Jan 30
Unnecessary warnings for TLS 1.3-only servers (II) Jan 20
Android 10 clientsimulation Jan 13
New Java certificate store. @ all: any problems? Jan 10
HTTP headers under OpenBSD Jan 8
HTTP time using recent OpenBSD date Jan 8
Bug: RSA and EC keysize under OpenBSD is not reported correctly Jan 7

self-signed certificate expired Jan 22

You can’t perform that action at this time.