TLS-Attacker v1.1 is a Java-based framework for analyzing TLS libraries.

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It can send arbitrary protocol messages in an arbitrary order to the TLS peer, and lets you define modifications to those messages through a provided interface. This gives developers an easy way to define a custom TLS protocol flow and test it against their own TLS library.

Please note: TLS-Attacker is a research tool intended for TLS developers and pentesters. There is no GUI and no green/red lights. It is the first version and can contain some bugs.

TLS-Attacker consists of several (maven) projects:
+ Transport: Transport utilities for TCP and UDP.
+ ModifiableVariable: Contains modifiable variables that allow one to execute (specific as well as random) variable modifications during the protocol flow. ModifiableVariables are used in the protocol messages.
+ TLS: Protocol implementation, currently (D)TLS 1.2 compatible.
+ Attacks: Implementation of some well-known attacks and tests for these attacks.
+ Fuzzer: Fuzzing framework implemented on top of the TLS-Attacker functionality.
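
The modifiable-variable idea from the list above, shown as an added Java example: a length field keeps its correct value, a modification is applied when the message is serialized, and the receiving side's bounds check has to catch the mismatch. This is not TLS-Attacker's own code or API; ModifiableInt, record, lengthFits and the sample bytes are hypothetical, and it assumes one DTLS 1.2 record per datagram.

```java
import java.nio.ByteBuffer;
import java.util.function.UnaryOperator;

// Added illustration, NOT TLS-Attacker's ModifiableVariable API; all names are hypothetical.
public class ModifiableFieldDemo {

    // Keeps the correctly computed value; a modification is applied only when the value is read.
    static final class ModifiableInt {
        private final int original;
        private UnaryOperator<Integer> modification = UnaryOperator.identity();
        ModifiableInt(int original) { this.original = original; }
        void setModification(UnaryOperator<Integer> m) { modification = m; }
        int getOriginal() { return original; }
        int getValue() { return modification.apply(original); }
    }

    static final int HEADER = 13; // DTLS 1.2 record header size (RFC 6347)

    // type(1) | version(2) | epoch(2) | sequence(6) | length(2) | fragment
    static byte[] record(int type, ModifiableInt length, byte[] fragment) {
        return ByteBuffer.allocate(HEADER + fragment.length)
                .put((byte) type).putShort((short) 0xFEFD).putShort((short) 0)
                .put(new byte[6]).putShort((short) length.getValue())
                .put(fragment).array();
    }

    // Bounds check the receiving library must make before touching the fragment.
    static boolean lengthFits(byte[] datagram) {
        if (datagram.length < HEADER) return false;
        int declared = ByteBuffer.wrap(datagram, 11, 2).getShort() & 0xFFFF;
        return declared <= datagram.length - HEADER;
    }

    public static void main(String[] args) {
        byte[] fragment = {0x01, 0x00, 0x00, 0x00}; // constructed sample bytes
        ModifiableInt length = new ModifiableInt(fragment.length);
        System.out.println("unmodified fits: " + lengthFits(record(22, length, fragment)));

        length.setModification(v -> v + 10);   // specific modification: declared 14, present 4
        System.out.println("length+10 fits:  " + lengthFits(record(22, length, fragment)));
        System.out.println("original kept:   " + length.getOriginal());
    }
}
```

A library under test should discard the second record; one that goes on to process it is trusting a length it never checked against the data it received.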

Currently, the following features are supported:
– TLS versions 1.0 (RFC-2246), 1.1 (RFC-4346) and 1.2 (RFC-5246)
– DTLS 1.2 (RFC-6347)
– (EC)DH and RSA key exchange algorithms
– AES CBC cipher suites
– Extensions: EC, EC point format, Heartbeat, Max fragment length, Server name, Signature and Hash algorithms
– TLS client and server


git clone && cd TLS-Attacker
./mvnw clean package -DskipTests=true

cd resources
openssl s_server -key rsa1024key.pem -cert rsa1024cert.pem -verify ec256cert.pem
java -jar Runnable/target/TLS-Attacker-1.0.jar -help


Source: Security List Network™ @ May 31, 2016 at 11:42AM