Professional Documents
Culture Documents
Course Materials
Time Schedule
Session 1 09:00 - 10:30
Trainers
FL Name Email Organisation Country
JT Jethro Tambeana APNIC Community Trainer Vanuatu
NOTE:
Sessions
Topic Presentations Exercises
Resources:
RFC7525 - BCP for TLS
RFC8996 - Deprecate TLS 1 & 1.1
RFC6101 - SSL 3.0
RFC8446 - TLS 1.3
RFCs about ciphers
SSH pcap
HTTP pcap
HTTPS pcap
IPv6 pcap
Computerphile - Video about TLS
Computerphile - TLS handshake
TLS Handshake Deep Dive and decryption with Wireshark
https://github.com/paulveillard/cybersecurity-tls-security
Resources:
OpenSSL cheatsheet
Testing TLS with openssl
https://github.com/drwetter/testssl.sh
How to use OpenSSL: Hashes, digital signatures
Let's Encrypt
SSL Configuration Generator
Decrypt SSL with Wireshark
https://packetlife.net/captures/
https://apackets.com/pcaps
https://cvetrends.com
https://demo.openxpki.org/openxpki/#/openxpki/login
https://hohnstaedt.de/xca/
https://tryhackme.com/
https://academy.hackthebox.com/course/preview/httpstls-attacks
.
Topic Resources
Other resources MITRE MITRE - SSL/TLS Inspection
MITRE - Encrypted Channel
MITRE - Encrypted Network Traffic
TLS NIST - Guidelines for the Selection and use of TLS SP800-52
Demystifying TLS Cipher Suites
Topic Resources
Implementing Certificates, TLS, HTTPS and Opportunistic TLS
Implementing Certificates, TLS & HTTPS
IANA TLS parameters
IANA, OpenSSL and GnuTLS cipher naming
https://testssl.sh
Privacy score
OWASP - Testing for Weak SSL TLS Ciphers
OWASP - TLS Cheat Sheet
SANS webcast - A BEAST and a POODLE celebrating SWEET32
10 Online Tools to Test SSL
History of SSL/TLS and PKI
TLS negotiations
MiTM attacks on TLS
https://www.hhs.gov/sites/default/files/securing-ssl-tls-in-healthcare-tlpwhite.pdf
https://www.acunetix.com/blog/articles/tls-vulnerabilities-attacks-final-part/
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=TLS
https://www.roe.ch/SSLsplit
https://mitmproxy.org
Shodan https://help.shodan.io/data-analysis/ssl-analysis-by-country
https://www.shodan.io/search/report?query=ssl.version%3A"sslv2"
https://beta.shodan.io/search/facet?query=ssl.version%3Atlsv1&facet=vuln.verified
https://help.shodan.io/command-line-interface/3-stats
https://shodan.readthedocs.io/en/latest/examples/query-summary.html