Summary

CryptoLyzer is a fast, flexible, and comprehensive server cryptographic protocol (TLS, SSL, SSH, DNSSEC) and related setting (HTTP headers, DNS records) analyzer and fingerprint (JA3, HASSH tag) generator with application programming (API) and command line (CLI) interface.

However the API can provide the most complete functionality, the CLI also strives to be as comprehensive as possible. To do that CLI provides three output formats. The first one for human analysis where the cryptographic algorithm names and the values of key sizes and other security-related settings are colorized according to their security strength using the well-known traffic light rating system. The other two output formats (Markdown, JSON) are machine-readable, however the Markdown format even human-readable and even suitable for generating documentation in different formats (e.g. DOCX, PDF, …).

The strength of CryptoLyzer compared to its competitors is that it contains a custom implementation of cryptographic protocols (CryptoParser), which are as small as absolutely necessary for the analysis, but as most comprehensive algorithm identifier sets of the cryptographic protocols (CryptoDataHub) as possible. The combination of the two properly makes it possible to check the support of rarely used, deprecated, non-standard, or experimental algorithms and methods that are not yet or have never been supported by the most popular cryptographic algorithms. This way of working leads to the fact that CryptoLyzer can recognize more TLS cipher suites than listed in total on Ciphersuite Info.

Usage

Pip

pip install cryptolyzer

cryptolyze tls all www.example.com
cryptolyze tls1_2 ciphers www.example.com
cryptolyze ssh2 ciphers www.example.com
cryptolyze http headers www.example.com
cryptolyze dns dnssec example.com

Docker

docker run --rm coroner/cryptolyzer tls all www.example.com
docker run --rm coroner/cryptolyzer tls1_2 ciphers www.example.com
docker run --rm coroner/cryptolyzer ssh2 ciphers www.example.com
docker run --rm coroner/cryptolyzer http headers www.example.com
docker run --rm coroner/cryptolyzer dns dnssec example.com

docker run -ti --rm -p 127.0.0.1:4433:4433 coroner/cryptolyzer ja3 generate 127.0.0.1:4433
openssl s_client -connect 127.0.0.1:4433

docker run -ti --rm -p 127.0.0.1:2121:2121 coroner/cryptolyzer ja3 generate ftp://127.0.0.1:2121
openssl s_client -starttls ftp -connect 127.0.0.1:2121

docker run -ti --rm -p 127.0.0.1:2222:4433 coroner/cryptolyzer hassh generate 127.0.0.1:2222
openssl s_client -connect 127.0.0.1:2222

Support

Python implementation

• CPython (2.7, 3.3+)

• PyPy (2.7, 3.5+)

Operating systems

• Linux

• macOS

• Windows

Social Media

• Twitter

• Facebook

Documentation

Detailed documentation is available on the project’s Read the Docs site.

License

The code is available under the terms of Mozilla Public License Version 2.0 (MPL 2.0).

A non-comprehensive, but straightforward description of MPL 2.0 can be found at Choose an open source license website.

Credits

• NLnet Foundation and NGI Assure, supports the project part of the Next Generation Internet initiative.

• Icons made by Freepik from Flaticon.

Details

The main purpose of creating this application is the fact, that cryptography protocol analysis differs in many aspect from establishing a connection using a cryptographic protocol. Analysis is mostly testing where we trigger special and corner cases of the protocol and we also trying to establish connection with hardly supported, experimental, obsoleted or even deprecated mechanisms or algorithms which are may or may not supported by the latest or any version of an implementation of the cryptographic protocol.

As follows, it is neither a comprehensive nor a secure client/server implementation of any cryptographic protocol. On the one hand analyzer implements only the absolutely necessary parts of the protocol to interact with servers. On the other it may use completely insecure algorithms and mechanisms. It is not designed and contraindicated to use these client/server implementations establishing secure connections. If you are searching for proper cryptographic protocol implementations, there are several existing wrappers and native implementations for Python (eg: M2Crypto, pyOpenSSL, Paramiko, …).

• Features
  • SSH
    • Differentiators
    • Versions
    • Analyzers
    • Vulnerabilities
  • SSL/TLS
    • Differentiators
    • Analyzers
    • Versions
    • Extensions
    • Public Keys
    • Vulnerabilities
    • Simulated Clients
    • Fingerprinting
  • Hypertext Transfer Protocol (HTTP)
    • Analyzers
    • Headers
  • DNS
    • Differentiators
    • Analyzers
• Installation
  • Python Package
  • Docker
  • Operating System Package
    • Deb
    • RPM
• Command-line Interface
  • Generic Usage
    • Argument Structure
  • Cryptographic Protocols
  • Other Protocols
    • Domain Name System
    • Hypertext Transfer Protocol
  • Output Formats
    • Highlighted
    • Markdown
    • JSON
• Application Programming Interface
  • TLS
    • Vulnerabilities
    • Cipher Suites
    • Elliptic Curves
    • Diffie-Hellman Parameters
    • Certificate Chains
    • Signature Algorithms
    • Simulations
  • SSH
    • Software and Protocol Version
    • Cipher Suites
    • Diffie-Hellman Parameters
    • Host Keys and Certificates
  • HTTP(S)
    • Headers
  • DNSSEC
    • Code Snippet
    • Result Classes
• Development

History

• Changelog
  • 0.12.4
  • 0.12.3 - 2024-03-05
  • 0.12.2 - 2024-01-11
  • 0.12.1 - 2023-12-13
  • 0.12.0 - 2023-11-23
  • 0.11.2 - 2023-11-13
  • 0.11.1 - 2023-11-06
  • 0.11.0 - 2023-10-28
  • 0.10.3 - 2023-10-12
  • 0.10.2 - 2023-08-28
  • 0.10.1 - 2023-08-29
  • 0.10.0 - 2023-08-03
  • 0.9.1 - 2023-06-22
  • 0.9.0 - 2023-04-29
  • 0.8.5 - 2023-04-02
  • 0.8.4 - 2023-01-22
  • 0.8.3 - 2022-11-06
  • 0.8.2 - 2022-10-10
  • 0.8.1 - 2022-03-23
  • 0.8.0 - 2022-01-18
  • 0.7.3 - 2021-12-26
  • 0.7.2 - 2021-10-07
  • 0.7.1 - 2021-09-20
  • 0.7.0 - 2021-09-02
  • 0.6.0 - 2021-05-27
  • 0.5.0 - 2021-04-08
  • 0.4.0 - 2021-01-30
  • 0.3.1 - 2020-09-15
  • 0.3.0 - 2020-04-30
  • 0.2.0 - 2019-12-05