What The Cipher: A Python Tool for Pentesters and Security Assessments
In this era of growing cybersecurity threats, it is necessary to ensure that the communication between a server and a client is secure. It is also important to ensure that no third party can eavesdrop on the conversation or tamper with the data being exchanged. One of the essential components of secure communication is the encryption mechanism that is used. However, encryption alone is not enough to ensure the security of the communication. The encryption mechanism’s strength must also be assessed.
The encryption strength is determined by the cipher that is used. A cipher is a set of algorithms and procedures that are used to encrypt and decrypt messages. Some ciphers are considered more secure than others, and their strength depends on the encryption key size, block size, and other factors. Therefore, it is essential to check the cipher’s security strength to ensure that it is not vulnerable to any known attacks.
What The Cipher is a Python tool that helps pentesters and security analysts to analyze the SSL/TLS cipher strength of a website. This tool uses the nmap utility to obtain information about the website’s SSL/TLS ciphers and the SSL/TLS versions supported. It then assesses the ciphers’ security strength and provides a report on whether the ciphers are secure or vulnerable to attacks.
What The Cipher is available on GitHub at https://github.com/anmolksachan/WhatTheCipher. The tool can be downloaded and installed on any platform that supports Python. Once installed, the tool can be run from the command line by executing the command:
python wtc.py
The tool will prompt the user to enter the domain name or IP address of the website to be scanned and the port number to be used. After entering the required information, the tool will initiate an nmap scan and obtain information about the website’s SSL/TLS ciphers and versions.
The tool then analyzes the ciphers’ security strength using a set of predefined rules. If a cipher is found to be weak or vulnerable, the tool will alert the user by highlighting the cipher name in red text. The tool also provides information about the SSL/TLS version being used and whether it is deprecated or recommended.
The tool generates a report in HTML format, which contains all the information obtained during the scan, including the SSL/TLS version, cipher suite, and its security strength. The report also provides recommendations on how to improve the website’s SSL/TLS security.
In conclusion, What The Cipher is a valuable tool for pentesters and security analysts who need to assess the SSL/TLS cipher strength of a website. It provides an easy-to-use interface that can be used to quickly obtain information about the website’s SSL/TLS configuration and assess its security strength. The tool’s ability to generate an HTML report makes it easy to share the scan results with other team members and stakeholders.
