Penetration Testing Custom TLS Stacks

Presented at ShmooCon XII (2016), Jan. 16, 2016, 5 p.m. (60 minutes)

With the ever growing number of attacks against SSL/TLS, quick turnaround time is required to write proof of concept code to test new attacks. Extending existing TLS stacks to implement such code is difficult and error prone. Due to that need, we developed an offensive focused TLS stack which allows to quickly prototype attacks against all elements of the stack (protocol, crypto, certificates, …) scapy-ssl_tls is an offensive TLS stack which lives above scapy. I will demonstrate how to look for protocol and crypto related flaws in custom TLS stacks, and how to quickly build prototypes.


  • Alex Moneger
    Alex Moneger enjoys working on security which relates to bits and bytes such as cryptography, exploit development, fuzzing and binary instrumentation. He has presented at several security conferences (Defcon, Nuit Du Hack, Seccon) on the above topics. Overall, his interests in security topics are too broad for the time he has available. He also writes (numstitch, fuzzmon) and contributes to open-source security tools (scapy-ssl_tls, afl, …). In his day job, he works for Citrix Systems, taking care of product security.


Similar Presentations: