« Apache Tomcat 7.0.41 Released | Main | Check Public Key Bit Length With This »

06/12/2013

CryptoNark 0.4.8 Released

So, it has been quite a while since I last posted an update to CryptoNark. Over one year actually. During that time, there have been quite a few high profile vulnerabilities like BEAST, CRIME, TLS Renegotiation. There have also been quite a few improvements to SSL/TLS during that time. OpenSSL 1.0 introduced support for TLS1.2, for example. Today, I'm posting the availability of cryptonark v0.4.8.

Changes and enhancements in CryptoNark v0.4.8:

  • All non-SSL related functionality has been removed from CryptoNark. I personally use it primarily as an ssl tool and there are other tools out there that do a better job of scanning for unsafe URLs or TRACE/TRACK vulnerabilities. Normally, I will use one of my own scripts dedicated to those tasks any way and rarely used cnark's -xl option.
  • Removing the -xl/--kitchen-sink options negates the needs for CPAN modules XML::LibXML, HTTP::Headers, and HTTP::Request.
  • Added OpenSSL version detection. Nothing fancy here but if your openssl version is 1.0.0 or greater. CryptoNark will scan with TLS 1.2 ciphers in addition to SSL2, SSL3, and TLS1.
  • Added elliptic curve (ECDH/ECDHE) cipher suites to SSL3/TLS1/TLS1.2 scans.
  • MD5 ciphers are now flagged as weak.

You can download a copy from the Downloads page and thanks a lot for giving cryptonark a try!

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a01156fbc6fe6970c0191033e5f99970c

Listed below are links to weblogs that reference CryptoNark 0.4.8 Released:

Comments