CryptoNark 0.4.8 Released
So, it has been quite a while since I last posted an update to CryptoNark. Over one year actually. During that time, there have been quite a few high profile vulnerabilities like BEAST, CRIME, TLS Renegotiation. There have also been quite a few improvements to SSL/TLS during that time. OpenSSL 1.0 introduced support for TLS1.2, for example. Today, I'm posting the availability of cryptonark v0.4.8.
Changes and enhancements in CryptoNark v0.4.8:
- All non-SSL related functionality has been removed from CryptoNark. I personally use it primarily as an ssl tool and there are other tools out there that do a better job of scanning for unsafe URLs or TRACE/TRACK vulnerabilities. Normally, I will use one of my own scripts dedicated to those tasks any way and rarely used cnark's -xl option.
- Removing the -xl/--kitchen-sink options negates the needs for CPAN modules XML::LibXML, HTTP::Headers, and HTTP::Request.
- Added OpenSSL version detection. Nothing fancy here but if your openssl version is 1.0.0 or greater. CryptoNark will scan with TLS 1.2 ciphers in addition to SSL2, SSL3, and TLS1.
- Added elliptic curve (ECDH/ECDHE) cipher suites to SSL3/TLS1/TLS1.2 scans.
- MD5 ciphers are now flagged as weak.
You can download a copy from the Downloads page and thanks a lot for giving cryptonark a try!