After a few months of working on it on the side tlslookieloo 0.1.0 is finally out the door. I’m releasing it as an alpha version; because, I worked on it alone for the most part. Keane Wolter (@d43m0n3y3, LinkedIn) helped out by reviewing the documentation and smoke tested it on a different platform.
Why build tlslookieloo?
I’ve been wanting to build this type of software for a few years now. I needed a tool that can monitor TLS messages between a client and software that I have full control over. A situation at work regarding a client-side software is what finally pushed me to do it.
Before I actually started, I looked at what other tools may be out there that met my needs. I looked at sslsniff again; but, I felt the overhead is too much. After all, the goal of this tool is to find issues with TLS implementation. I also looked into Decept Proxy; but, I couldn’t find a way to provide a client key for client-side authentication–that one I needed specifically for the software I was testing.
The other motivation–some may argue the wrong way to go about it–is I wanted to use features from C++11 to C++17. It’s been awhile since I have written a C++ program of a decent size from scratch. I did think of using Rust; but, I found that TLS libraries available in Rust either encapsulates OpenSSL anyway; or, I found is too new.
I’m not going to rehash all the features currently available in 0.1.0 here. Please see the User Guide.
Right now, I’m waiting for user feedback. Bugs and feature requests can be submitted on the GitHub Issues for tlslookieloo. Adding more unit and functional tests are also planned for the next release. If you’re interested in learning how to use OpenSSL and C++17 I would appreciate the help.