diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..289bab7 --- /dev/null +++ b/README.md @@ -0,0 +1,96 @@ +# go-fakessl + +`go-fakessl` is a pentesting tool designed to clone SSL/TLS certificates from a target server and create a new, self-signed certificate using its public key. This tool can be used for testing SSL/TLS security and inspecting server certificates. It also allows you to run a local HTTPS server with the cloned certificate for testing purposes. + +> **WARNING**: This tool is for **authorized security testing only**. Unauthorized use may violate laws and regulations. The author and contributors are not responsible for misuse. Always obtain explicit permission before testing any system. + +## Features + +- **Clone SSL Certificates**: Clone SSL/TLS certificates from target servers by specifying their URL. +- **Generate New Certificate and Key**: Create a new certificate using the cloned public key and a freshly generated RSA private key. +- **Run HTTPS Server**: Start an HTTPS server locally using the cloned certificate for testing. +- **Inspect Certificates**: Use `openssl` commands to inspect the original and cloned certificates. + +## Installation + +### Prerequisites + +- **Go**: Version 1.18 or later. +- **OpenSSL**: For inspecting and comparing certificates. + +### Steps + +- Clone the repository: + +``` +$ git clone https://github.com/yourusername/go-fakessl.git +$ cd go-fakessl +``` + +- Install dependencies: + +``` +$ go mod tidy +``` + +- Build for all platforms: + +``` +$ make all +``` + +- Binaries will be generated in the build/ directory for Linux, Windows, and macOS; alternatively, build for a specific platform: + +``` +$ make linux-amd64 +$ make windows-amd64 +$ make darwin-arm64 +``` + +- (Optional) Run directly with Go: + +``` +$ go run main.go [-cert <cert> -key <key> -port <port] -url <url> +``` + +## Usage + +### Command-Line Flags + +``` +Usage of ./go-fakessl-<platform>-<arch>: + -cert string + path to certificate file to use for a test https server + -key string + path to key file to use for a test https server + -port string + port to use for a test https server (default "8000") + -url string + target https url to clone certificate from (e.g. https://google.com) +``` + +## Examples + +### Clone the SSL certificate of google.com + +``` +$ ./go-fakessl-linux-amd64 -url https://google.com +url cloned cert private key +google.com:443 google.com_clone.pem google.com_clone.key + +[inf] start an https server to test cloned certificate with: +$ ./go-fakessl-linux-amd64 -cert google.com_clone.pem -key google.com_clone.key -port 8000 + +[inf] manually inspect and diff the original certificate and cloned certificate with: +$ openssl s_client -connect google.com:443 </dev/null 2>/dev/null | openssl x509 -noout -text > google.com_original.txt +$ openssl x509 -in google.com_clone.pem -noout -text > google.com_clone.pem_clone.txt +$ diff *.txt +``` + +## License + +This project is licensed under the GNU GENERAL PUBLIC LICENSE. See the LICENSE file for details. + +## Disclaimer + +`go-fakessl` is provided "as is" without warranty. The author and contributors are not liable for any damages or legal consequences arising from its use. Use responsibly and only in authorized environments. |