tlsfuzzer/tlsfuzzer — SSL and TLS protocol test suite and fuzzer

tlsfuzzer

tlsfuzzer is a test suite for SSLv2, SSLv3, TLS 1.0, TLS 1.1, TLS 1.2, and TLS 1.3 implementations. It's in early stages of development, so there are no API stability guarantees. While it uses fuzzing techniques for testing (randomisation of passed in inputs), the scripts are generally written in a way that verifies correct error handling: unlike typical fuzzers it doesn't check only that the system under test didn't crash, it checks that it returned correct error messages.

You can find ready-to-use scripts testing for many vulnerabilities ( ROBOT, DROWN, etc.) and general standards conformity (RFC 5246, RFC 7627, RFC 7905, etc.) in the scripts/ directory.

Dependencies

You'll need:

Python 2.6 or later or Python 3.6 or later
tlslite-ng 0.8.1 or later (note that tlslite will not work and they conflict with each other)

tlsfuzzer

Quick Overview

Scores

Trust Score

Maintenance

Popularity

Star History

Snapshot Versions

Alternatives

nodebestpractices

puppeteer

storybook

playwright

localstack

jest

Community Reviews

README

tlsfuzzer

Dependencies