Showing posts with label ssl certificate. Show all posts
Showing posts with label ssl certificate. Show all posts

Monday, May 1, 2017

Working with BurpSuite MobileAssistant Tool



Recently on Friday, April 28, 2017, burpsuite has released its new tool dubbed as mobile assistant. Mainly this is released for two purposes. It is designed to change the system wide proxy setting and to bypass ssl certificate pinning. Currently this is available for iOS device 8 and later only. You can found more detail on the official blog referenced below: Here I am going for an in-depth tutorial starting from the setting up the mobile assistant to using it.
Read more »
Posted by at 3 comments:
Labels: , , , ,

Monday, December 2, 2013

Transport Layer Security - Part 2 SSL

Introduction
I have already discussed about SSL in my previous article. Here I will be explaining you SSLv3. It is developed by Netscape company .In this section I will discuss on SSLv3.

General SSL Architecture
It is designed to secure end-to-end service on the internet. I will illustrate that SSL is not a single handed protocol. It is a layer of more than one protocol such as
a.    SSL record protocol
b.    SSL handshake protocol
c.    SSL change cipher spec protocol
d.    SSL alert protocol
Read more »
Posted by at No comments:
Labels: , , , ,

Monday, October 28, 2013

SSL Unleashed

In this article I am going to tell you everything about SSL that what it is why we need it, technical and non technical aspects of SSL etc.. This article covers the introduction, SSL certificate, Encryption, process of encryption and how your browser interact and trust that certificate provided by the website you are visiting.

Existence of SSL
There are basically 2 aspects of SSl. One is Encryption and second is Identification.  Now encryption is what you hide the content of the data sent from one machine to another machine. It is done by changing the content of the data in identical to garbage form which is human readable but not human understandable. It is exactly like speaking in different languages with what one person is not familiar. I am Indian if someone speaks in Russian language, it is not understandable by me. So here Russian language is like encrypted language for me. However if I get a translator and he/she translates that Russian language into Hindi  then I can say that now that is understandable by me. So it is said that message has been decrypted. Identification is related to trust.  In the previous scenario, how can I trust the translator who is converting Russian language to Hindi? Is she/he legitimate ? Can I trust him/her? In the digital world, it is something like this. Your machine has to trust the SSL certificate (security mechanism), provided by the website via an SSL certificate issuing vendor.
Read more »
Posted by at
Labels: , , , , ,
Subscribe to: Posts (Atom)