Monday, 30 April 2018

How To Find SSL Vulnerability In Your Website


SSL Vulnerabilities

Many versions of the mechanism used to secure your web traffic are no longer safe.


When a browser communicates to a web server, the recommendation is to ensure the web site uses an encrypted connection - otherwise anyone can see all your private data. Although users are told to look for the padlock icon next to the web address, or make sure the web address begins with https://, many protocols that handle the encryption of that link are no longer considered secure.

If you are responsible for managing a server, or are responsible for ensuring browsers only communicate in a secure way, you need to ensure your systems are configured in a way that ensures the encrypted links really are secure.



What is at risk?

Web servers and browsers that allow encryption to be established using old and obsolete protocols put all the data transmitted over the network at risk. Browsers and servers often leave support enabled in case it is required, which removes the protections afforded by modern protocols.


Download App:- Tech Gyan Mantra



Recommendation

  • Disable support for SSLv2 and PCT on servers and browsers. These protocols are known insecure since 1995 

  • Disable support for SSLv3 on servers and browsers. This protocol is known insecure since 2006

  •  Disable support for TLS 1.0, or at least disable compression, on servers and browsers. This protocol is known exploitable since 2011. Further, no credit card handling system will be permitted to support this protocol in 2018.

  •  Disable support for weak ciphers, including DES, 3DES, RC4. These ciphers are known breakable. Ensure support for modern ciphers (AES), modes (GCM) and protocols (TLS 1.2)

To Find SSL Vulnerability In Your Website To Fix.As You Know SSL Is The Certificate Of Security Of Any Website Which Indicates That Your Private Informations Are Secure On This Website.In This Video I Have Explained That SSL Has Also Vulnerabilities.If You Have A Website With SSL Certificate Then You Should Must Check your Website To Ensure That Your Website Has Not Any SSL Vulnerability.


Download Here:-



Commands- chmod +x install.sh ./install.sh python a2sv.py For Execute The Tool(This Step Is Skipped In This Video). python a2sv.py -h python a2sv.py -t (target website name)




WATCH VIDEO:-






For hacking course 

Whatsapp no. - +16366780163



at

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)

【PART 2】Get Netflix Premium Account For Free With Android With Username & Password [Unlimited Account] 

I will let you know a simple trick with My Airtel App from Google Play store to get Netflix premium account for free without use of r...