To search
You are here : Linux > Linux > Security > SSLsplit 0.4.9

SSLsplit 0.4.9

Freedownload8 rating:
BSD License
Nov 30, -1
Submit date:
Feb 15, 2015
Daniel Roethlisberger
File size:

SSLsplit 0.4.9

by Daniel Roethlisberger

SSLsplit is an open source, cross-platform and free command-line software implemented in C and designed from the offset to be used for performing man-in-the-middle attacks, targeted at network connections encrypted with the either of the SSL and TLS protocols.

Features at a glance

Key features include support for plain SSL (Secure Sockets Layer), plain TCP (Transmission Control Protocol), as well as HTTP (Hypertext Transfer Protocol) and HTTPS (Hypertext Transfer Protocol Secure) connections over IPv6 and IPv4 connections.

In addition, the software comes with support for Server Name Indication (SNI), RSA, ECDSA (Elliptic Curve Digital Signature Algorithm) and DSA (Digital Signature Algorithm) keys, as well as ECDHE (Elliptic Curve Diffie–Hellman Exchange) and DHE (Diffie–Hellman key exchange) cipher suites.

At the moment, SSLsplit supports the following NAT engines and UNIX-like operating systems: netfilter TPROXY and REDIRECT on Linux, pf rdr and divert-to, ipfilter rdr and ipfw fwd on FreeBSD, pf rdr-to and divert-to on OpenBSD, as well as pf rdr and ipfw fwd on Mac OS X.

Command-line options

The software has various command-line options, among which we can mention the ability to use a specific CA certificate, key or chain from a pemfile to sign forged certificates, to use a mix of certificate, chain and key PEM files from a specific directory to target all sites that match the common names, as well as to deny all OCSP requests on all proxy specs.

In addition, it is possible to use DH group parameters from a pemfile, disable the SSL/TLS compression on all connections, use specific OpenSSL cipher suite specifications, specify the default NAT engine to use, list available NAT engines, drop privileges to a specific user, write the PID file to a specific file, enable various logging options, and specify proxy specs.

Getting started with SSLsplit

SSLsplit is distributed only as a compressed archive (tarball), which means that you must compile its source code in order to install and use it under your GNU/Linux system. However, it might be possible to easily install it from the main software repositories of your distribution, so open your package manager and search for SSLsplit there before anything else.


OS requirements for SSLsplit 0.4.9:

  • Download SSLsplit 0.4.9

User comments about SSLsplit 0.4.9

Comment SSLsplit 0.4.9

  1. What did you think of the program?

    Log in or Create Account to post a comment.
  2. Rate this software    
  1. Security Code: Captcha Image Change Image

Get Our News, Everywhere

Popular searches