/smell-test

Monitor router traffic and flag weak TLS configuations

Primary LanguageShellGNU General Public License v3.0GPL-3.0

Smell Test Build Status

Basic idea: run this script on a router and sniff DNS requests using scapy3k.

Run testssl.sh on these domains and log the results

Compile a list of the worst offenders for analysis.

Contact domain admins so that they can update their security

Installation

Clone this repo and then use pip to install each of the libraries from requirements.txt

For now the script must be run using sudo in order to analyse packets. This will be changed in the future (probably by using a designated group). See the wireshark documentation for more information.