TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is able to send arbitrary protocol messages in an arbitrary order to the TLS peer, and define their modifications using a provided interface. This gives the developer an opportunity to easily define a custom TLS protocol flow and test it against his TLS library.

In addition, TLS-Attacker supports various known cryptographic attacks and their evaluations. This means you can simple check whether your server is vulnerable to padding oracle, invalid curve, or Bleichenbacher attacks. It has already allowed us to find vulnerabilities in major TLS libraries, including OpenSSL, Botan, or MatrixSSL.

To the project page