ShadowTrackr

Log in >
RSS feed

Extra data in certificates

21 April 2024
After fixing a bug that prevented the proper scan of the cryptographic suites used on a TLS server, it was opportune to add some extra data. There are four new fields available:

dh_groups: The list of Diffie Hellman groups used for key exchange, for instance: "RFC3526/Oakley Group 14".

ecdhe_curves: The list of Elliptic curves used in Diffie Hellman, for instance: "prime256v1"

tls12_sig_algs: The list signature algorithms used in TLS 1.2, for instance: "ECDSA+SHA256"

tls13_sig_algs: The list signature algorithms used in TLS 1.3, for instance: "ECDSA+SHA256"

These new fields are available everywhere, including in queries and the API. This example query will give you an overview of all Oaklye groups used in your certificates:

index=certificates dh_groups=*oakley* by dh_groups

Any group below 14 is considered weak these days.
Older posts >

Resources
API
Blog
Documentation
Integrations
Shodan
OpenCTI