TLSAssistant
Analyse TLS implementations to discover their vulnerabilities, the degree of
compliance and suggesting the necessary mitigations to correct them
problems
Description
TLSAssistant is a research tool developed to facilitate work
iOS/Android system administrators and developers facing with
TLS implementations.
Its use makes it possible to analyse Webservers (locally or remotely)
and iOS/Android apps to assess their safety status and all of them
TLS vulnerabilities that could be exploited to endanger
the security of transmissions.
TLSAssistant is also able to verify the degree of compliance of a
implementation against a set of five national guidelines and
supranational
TLSAssistant’s strength is the generation of a report capable of
to list the vulnerabilities present, explain their impact and guide
step towards their resolution.
The mitigations were collected by extracting information from
scientific literature and technical manuals provided by each producer.
Features
- vulnerability analysis for Apache and nginx Webserver
- compliance analysis for Apache and nginx Webserver
- reports containing copy-paste code fragments to mitigate the
problems identified