Tool and Usage
O-Saft is a security tool to show information about SSL certificates. It tests the SSL connection with the given list of ciphers and configuration.
O-Saft is the abbreviation for OWASP SSL advanced forensic tool.
Why this tool?
O-Saft is a command-line tool and can be used offline and in closed environments. There is also a graphical user interface available (based on Tcl/Tk). It can even be turned into an online CGI-tool. With just basic parameters it can provide useful information about an SSL configuration. With limited tuning of the tool, it can perform more specialized tests.
Usage and audience
O-Saft is commonly used for information gathering, penetration testing, security assessment, vulnerability scanning, or web application analysis. Target users for this tool are pentesters, security professionals, and system administrators.
- O-Saft is written in Perl
- Command line interface
- Customization and additions are possible
- Graphical user interface
- Integration with continuous integration/delivery (CI/CD)
- Tool can be used in offline environment
- Web interface
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
Supported operating systems
O-Saft is known to work on Linux.