O'Reilly logo

Mastering Kali Linux for Advanced Penetration Testing - Second Edition by Vijay Kumar Velu

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Reconnaissance of SSL connections

The reconnaissance phase of the kill chain remains important when assessing the SSL connectivity, especially when reviewing the following items:

  • The x.509 certificate used to identify the parties involved in establishing the secure SSL connection
  • The type of encryption being used
  • The configuration information, such as whether automatic renegotiation of SSL sessions is permitted

The SSL certificate can provide information that may be used to facilitate social engineering.

More frequently, a tester or attacker wants to determine whether the certificate is valid or not. Certificates that are invalid may result from an error in checking the signature, or a broken certificate chain, the domain specified in the ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required