CryptoLyzer


NameCryptoLyzer JSON
Version 0.12.3 PyPI version JSON
download
home_page
SummaryA comprehensive cryptographic settings analyzer
upload_time2024-03-09 20:33:03
maintainerSzilárd Pfeiffer
docs_urlNone
authorSzilárd Pfeiffer
requires_python
licenseMPL-2.0
keywords ssl tls gost ja3 hassh https pop3 smtp imap ftp rdp xmpp jabber ldap sieve ssh hsts dnssec
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            **CryptoLyzer** is a fast, flexible, and comprehensive server cryptographic protocol
(`TLS <https://en.wikipedia.org/wiki/Transport_Layer_Security>`__,
`SSL <https://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0,_2.0,_and_3.0>`__,
`SSH <https://en.wikipedia.org/wiki/Secure_Shell>`__,
`DNSSEC <https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions>`__) and related setting
(`HTTP headers <https://en.wikipedia.org/wiki/List_of_HTTP_header_fields>`__,
`DNS records <https://en.wikipedia.org/wiki/List_of_DNS_record_types>`__) analyzer and fingerprint
(`JA3 <https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967>`__,
`HASSH <https://engineering.salesforce.com/open-sourcing-hassh-abed3ae5044c/>`__ tag) generator with
`application programming <https://en.wikipedia.org/wiki/API>`__ (API) and
`command line <https://en.wikipedia.org/wiki/Command-line_interface>`__ (CLI) interface.

However the API can provide the most complete functionality, the CLI also strives to be as comprehensive as possible. To
do that CLI provides three output formats. The first one for human analysis where the cryptographic algorithm names and
the values of key sizes and other security-related settings are colorized according to their security strength using the
well-known `traffic light rating system <https://en.wikipedia.org/wiki/Traffic_light_rating_system>`__. The other two
output formats (`Markdown <https://en.wikipedia.org/wiki/Markdown>`__, `JSON <https://en.wikipedia.org/wiki/JSON>`__)
are machine-readable, however the Markdown format even human-readable and even suitable for generating documentation in
different formats (e.g. DOCX, PDF, ...).

The strength of CryptoLyzer compared to its competitors is that it contains a custom implementation of cryptographic
protocols (`CryptoParser <https://cryptoparser.readthedocs.io>`__), which are as small as absolutely necessary for the
analysis, but as most comprehensive algorithm identifier sets of the cryptographic protocols
(`CryptoDataHub <https://cryptodatahub.readthedocs.io>`__) as possible. The combination of the two properly makes it
possible to check the support of rarely used, deprecated, non-standard, or experimental algorithms and methods that are
not yet or have never been supported by the most popular cryptographic algorithms. This way of working leads to the fact
that CryptoLyzer can recognize more TLS cipher suites than listed in total on
`Ciphersuite Info <https://ciphersuite.info/cs/>`__.

-----
Usage
-----

Pip
===

.. code:: shell

   pip install cryptolyzer

   cryptolyze tls all www.example.com
   cryptolyze tls1_2 ciphers www.example.com
   cryptolyze ssh2 ciphers www.example.com
   cryptolyze http headers www.example.com
   cryptolyze dns dnssec example.com

Docker
======

.. code:: shell

   docker run --rm coroner/cryptolyzer tls all www.example.com
   docker run --rm coroner/cryptolyzer tls1_2 ciphers www.example.com
   docker run --rm coroner/cryptolyzer ssh2 ciphers www.example.com
   docker run --rm coroner/cryptolyzer http headers www.example.com
   docker run --rm coroner/cryptolyzer dns dnssec example.com

.. code:: shell

   docker run -ti --rm -p 127.0.0.1:4433:4433 coroner/cryptolyzer ja3 generate 127.0.0.1:4433
   openssl s_client -connect 127.0.0.1:4433

   docker run -ti --rm -p 127.0.0.1:2121:2121 coroner/cryptolyzer ja3 generate ftp://127.0.0.1:2121
   openssl s_client -starttls ftp -connect 127.0.0.1:2121

.. code:: shell

   docker run -ti --rm -p 127.0.0.1:2222:4433 coroner/cryptolyzer hassh generate 127.0.0.1:2222
   openssl s_client -connect 127.0.0.1:2222

-------
Support
-------

Python implementation
=====================

-  CPython (2.7, 3.3+)
-  PyPy (2.7, 3.5+)

Operating systems
=================

-  Linux
-  macOS
-  Windows

------------
Social Media
------------

-  `Twitter <https://twitter.com/CryptoLyzer>`__
-  `Facebook <https://www.facebook.com/cryptolyzer>`__

-------------
Documentation
-------------

Detailed `documentation <https://cryptolyzer.readthedocs.io>`__ is available on the project's
`Read the Docs <https://readthedocs.com>`__ site.

-------
License
-------

The `code <https://gitlab.com/coroner/cryptolyzer>`__ is available under the terms of
`Mozilla Public License Version 2.0 <https://www.mozilla.org/en-US/MPL/2.0/>`__ (MPL 2.0).

A non-comprehensive, but straightforward description of MPL 2.0 can be found at
`Choose an open source license <https://choosealicense.com/licenses#mpl-2.0>`__ website.

-------
Credits
-------

-  `NLnet Foundation <https://nlnet.nl>`__ and `NGI Assure <https://www.assure.ngi.eu>`__, supports the project part of
   the `Next Generation Internet <https://ngi.eu>`__ initiative.
-  Icons made by `Freepik <https://www.flaticon.com/authors/freepik>`__ from `Flaticon <https://www.flaticon.com/>`__.

            

Raw data

            {
    "_id": null,
    "home_page": "",
    "name": "CryptoLyzer",
    "maintainer": "Szil\u00e1rd Pfeiffer",
    "docs_url": null,
    "requires_python": "",
    "maintainer_email": "coroner@pfeifferszilard.hu",
    "keywords": "ssl tls gost ja3 hassh https pop3 smtp imap ftp rdp xmpp jabber ldap sieve ssh hsts dnssec",
    "author": "Szil\u00e1rd Pfeiffer",
    "author_email": "coroner@pfeifferszilard.hu",
    "download_url": "https://files.pythonhosted.org/packages/44/1c/e7486eac57786320e9a3d49c1fcd851876ae88b38ae477fac4c922729aaf/CryptoLyzer-0.12.3.tar.gz",
    "platform": null,
    "description": "**CryptoLyzer** is a fast, flexible, and comprehensive server cryptographic protocol\n(`TLS <https://en.wikipedia.org/wiki/Transport_Layer_Security>`__,\n`SSL <https://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0,_2.0,_and_3.0>`__,\n`SSH <https://en.wikipedia.org/wiki/Secure_Shell>`__,\n`DNSSEC <https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions>`__) and related setting\n(`HTTP headers <https://en.wikipedia.org/wiki/List_of_HTTP_header_fields>`__,\n`DNS records <https://en.wikipedia.org/wiki/List_of_DNS_record_types>`__) analyzer and fingerprint\n(`JA3 <https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967>`__,\n`HASSH <https://engineering.salesforce.com/open-sourcing-hassh-abed3ae5044c/>`__ tag) generator with\n`application programming <https://en.wikipedia.org/wiki/API>`__ (API) and\n`command line <https://en.wikipedia.org/wiki/Command-line_interface>`__ (CLI) interface.\n\nHowever the API can provide the most complete functionality, the CLI also strives to be as comprehensive as possible. To\ndo that CLI provides three output formats. The first one for human analysis where the cryptographic algorithm names and\nthe values of key sizes and other security-related settings are colorized according to their security strength using the\nwell-known `traffic light rating system <https://en.wikipedia.org/wiki/Traffic_light_rating_system>`__. The other two\noutput formats (`Markdown <https://en.wikipedia.org/wiki/Markdown>`__, `JSON <https://en.wikipedia.org/wiki/JSON>`__)\nare machine-readable, however the Markdown format even human-readable and even suitable for generating documentation in\ndifferent formats (e.g. DOCX, PDF, ...).\n\nThe strength of CryptoLyzer compared to its competitors is that it contains a custom implementation of cryptographic\nprotocols (`CryptoParser <https://cryptoparser.readthedocs.io>`__), which are as small as absolutely necessary for the\nanalysis, but as most comprehensive algorithm identifier sets of the cryptographic protocols\n(`CryptoDataHub <https://cryptodatahub.readthedocs.io>`__) as possible. The combination of the two properly makes it\npossible to check the support of rarely used, deprecated, non-standard, or experimental algorithms and methods that are\nnot yet or have never been supported by the most popular cryptographic algorithms. This way of working leads to the fact\nthat CryptoLyzer can recognize more TLS cipher suites than listed in total on\n`Ciphersuite Info <https://ciphersuite.info/cs/>`__.\n\n-----\nUsage\n-----\n\nPip\n===\n\n.. code:: shell\n\n   pip install cryptolyzer\n\n   cryptolyze tls all www.example.com\n   cryptolyze tls1_2 ciphers www.example.com\n   cryptolyze ssh2 ciphers www.example.com\n   cryptolyze http headers www.example.com\n   cryptolyze dns dnssec example.com\n\nDocker\n======\n\n.. code:: shell\n\n   docker run --rm coroner/cryptolyzer tls all www.example.com\n   docker run --rm coroner/cryptolyzer tls1_2 ciphers www.example.com\n   docker run --rm coroner/cryptolyzer ssh2 ciphers www.example.com\n   docker run --rm coroner/cryptolyzer http headers www.example.com\n   docker run --rm coroner/cryptolyzer dns dnssec example.com\n\n.. code:: shell\n\n   docker run -ti --rm -p 127.0.0.1:4433:4433 coroner/cryptolyzer ja3 generate 127.0.0.1:4433\n   openssl s_client -connect 127.0.0.1:4433\n\n   docker run -ti --rm -p 127.0.0.1:2121:2121 coroner/cryptolyzer ja3 generate ftp://127.0.0.1:2121\n   openssl s_client -starttls ftp -connect 127.0.0.1:2121\n\n.. code:: shell\n\n   docker run -ti --rm -p 127.0.0.1:2222:4433 coroner/cryptolyzer hassh generate 127.0.0.1:2222\n   openssl s_client -connect 127.0.0.1:2222\n\n-------\nSupport\n-------\n\nPython implementation\n=====================\n\n-  CPython (2.7, 3.3+)\n-  PyPy (2.7, 3.5+)\n\nOperating systems\n=================\n\n-  Linux\n-  macOS\n-  Windows\n\n------------\nSocial Media\n------------\n\n-  `Twitter <https://twitter.com/CryptoLyzer>`__\n-  `Facebook <https://www.facebook.com/cryptolyzer>`__\n\n-------------\nDocumentation\n-------------\n\nDetailed `documentation <https://cryptolyzer.readthedocs.io>`__ is available on the project's\n`Read the Docs <https://readthedocs.com>`__ site.\n\n-------\nLicense\n-------\n\nThe `code <https://gitlab.com/coroner/cryptolyzer>`__ is available under the terms of\n`Mozilla Public License Version 2.0 <https://www.mozilla.org/en-US/MPL/2.0/>`__ (MPL 2.0).\n\nA non-comprehensive, but straightforward description of MPL 2.0 can be found at\n`Choose an open source license <https://choosealicense.com/licenses#mpl-2.0>`__ website.\n\n-------\nCredits\n-------\n\n-  `NLnet Foundation <https://nlnet.nl>`__ and `NGI Assure <https://www.assure.ngi.eu>`__, supports the project part of\n   the `Next Generation Internet <https://ngi.eu>`__ initiative.\n-  Icons made by `Freepik <https://www.flaticon.com/authors/freepik>`__ from `Flaticon <https://www.flaticon.com/>`__.\n",
    "bugtrack_url": null,
    "license": "MPL-2.0",
    "summary": "A comprehensive cryptographic settings analyzer",
    "version": "0.12.3",
    "project_urls": {
        "Changelog": "https://cryptolyzer.readthedocs.io/en/latest/changelog",
        "Documentation": "https://cryptolyzer.readthedocs.io/en/latest/",
        "Homepage": "https://gitlab.com/coroner/cryptolyzer",
        "Issues": "https://gitlab.com/coroner/cryptolyzer/-/issues",
        "Source": "https://gitlab.com/coroner/cryptolyzer"
    },
    "split_keywords": [
        "ssl",
        "tls",
        "gost",
        "ja3",
        "hassh",
        "https",
        "pop3",
        "smtp",
        "imap",
        "ftp",
        "rdp",
        "xmpp",
        "jabber",
        "ldap",
        "sieve",
        "ssh",
        "hsts",
        "dnssec"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "c1cecd07f666a4aa6c35bcf2931f68ba5fd635405092edf3aaa81a711d6140e3",
                "md5": "2c7f22a8e30b0d373bea32ef2e081841",
                "sha256": "3f836945796ddd8d7068ef11309cb338586e196e123d397067891925d474cc26"
            },
            "downloads": -1,
            "filename": "CryptoLyzer-0.12.3-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "2c7f22a8e30b0d373bea32ef2e081841",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": null,
            "size": 109505,
            "upload_time": "2024-03-09T20:32:50",
            "upload_time_iso_8601": "2024-03-09T20:32:50.540396Z",
            "url": "https://files.pythonhosted.org/packages/c1/ce/cd07f666a4aa6c35bcf2931f68ba5fd635405092edf3aaa81a711d6140e3/CryptoLyzer-0.12.3-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "441ce7486eac57786320e9a3d49c1fcd851876ae88b38ae477fac4c922729aaf",
                "md5": "7b55449ead73f8575bff009184bc12b6",
                "sha256": "51d334f8f90edcae17b2172a6839042abcba4a99f2f4a3190078800f1c6d87e7"
            },
            "downloads": -1,
            "filename": "CryptoLyzer-0.12.3.tar.gz",
            "has_sig": false,
            "md5_digest": "7b55449ead73f8575bff009184bc12b6",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 96243,
            "upload_time": "2024-03-09T20:33:03",
            "upload_time_iso_8601": "2024-03-09T20:33:03.691753Z",
            "url": "https://files.pythonhosted.org/packages/44/1c/e7486eac57786320e9a3d49c1fcd851876ae88b38ae477fac4c922729aaf/CryptoLyzer-0.12.3.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-03-09 20:33:03",
    "github": false,
    "gitlab": true,
    "bitbucket": false,
    "codeberg": false,
    "gitlab_user": "coroner",
    "gitlab_project": "cryptolyzer",
    "lcname": "cryptolyzer"
}
        
Elapsed time: 0.22192s