fiesta

module

v0.0.0-...-8bda700 Latest Latest Go to latest Published: Mar 10, 2021 License: MIT

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/the-cracker-technology/fiesta

Links

Open Source Insights

README ¶

What is FIESTA?

FIESTA is a tool created to run side-channel attacks against the HTTPS protocol. At this moment, only XS-Search and FIESTA attacks have been implementad. However, other attacks such as CRIME, BREACH, TIME and XS-TIME will be implemented in the future.

How to install FIESTA?

It should be as easy as:

go get github.com/jselvi/fiesta/cmd/fiesta

It hasn't been tested in many platforms, so if you find an issue in your specific choice, please raise an issue.

How to use FIESTA?

FIESTA tries to mimic Metasploit's look and feel, since it's a well-known tool used by most penetration testers. Syntax is easy:

$ fiesta -h
Usage of fiesta:
  -r string
    	Execute resource file (- for stdin)

You can run an interactive shell just typing fiesta or you can run a rc file (fiesta -r my.rc), which basically types for you a list of FIESTA commands included in the rc file.

How to use each attack?

Including a detailed description of each attack and writing the doc.go files is still a pending task.

References

Cybercamp 2018 Workshop: Video
OWASP AppSec EU 2018: Video Slides
EkoParty 2017: Video

Directories ¶

Path	Synopsis
cmd
fiesta
pkg
core
httpipe
tlsrelay

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL