Berkey Water Filter

Berkey Water Filter

The Big Berkey filter is intended for the individuals who need to drink the cleanest filtered water without introducing an under-sink or RO framework in their home.

It comes completely outfitted with an upper and lower top, simple stream nozzle, two preeminent carbon filters each enduring 3,000 gallons. Utilized as suggested, it has a normal lifetime of right around 10 years, making it potentially the longest enduring filter framework there is.

Berkey Filtration System

It likewise permits you to introduce extra filters, for example, those filtering fluoride and arsenic, with the goal that your streams significantly quicker through each filter.

Read more: Berkey and Berkey Black Friday Deals Water Filter

What is Water Softener

A water softener eliminates minerals that make water hardness, one of the most widely recognized water quality issues a mortgage holder experiences. Hard water devastates machines, leaves dingy cleanser filth across washrooms and kitchens, and dries out hair and skin. With over 85% of the United States depending on hard water for their cooking, cleaning, and washing, water softeners fill an essential need. A water softener spares you from supplanting rashly demolished water radiators, textured fixture heads, and a really long time of tidying up foamy buildup. Putting resources into a water softener spares you time, energy, and cash, and secures your home and your property.

Resource:

berkey fleck kangen
https://thekurandosblog.blogspot.com/2020/10/fleck-water-softener-black-friday-deals.html
https://thekurandosblog.blogspot.com/2020/10/kangen-black-friday-deals-and-coupon.html
https://thekurandosblog.blogspot.com/2020/10/berkey-black-friday-deals-and-coupond.html

Stonne 1940 Big CoC Weekend Part 1

This has been in the pipeline for a few months now, the first public Big CoC public weekend at the WHC. In this first post I'll give some idea of the thought process (sic) behind the game and then I'll give you the scenarios and how the game played out...oh, and there will be a few pics.

Warlord and Crusader French

Mark Freeth was very keen to get an early war 1940 scenario together, initially we toyed with the idea of running a weekend with 2 games running side by side, one containing French and the other BEF taking on the invading Germans. While this was certainly achievable, it involved a few more logistical headaches concerning turning the games around, plus simply having to focus on 2 games at once rather than one. So, in the end we plumped for a single set of scenarios with just the French and Germans.
A small problem with running Big CoC games is that the scenarios are somewhat dependant on the number of players attending, and given the nature of the WHC the numbers can vary, Some players book months in advance, but often people will book relatively late so the scenario needed to be capable of being tweaked to fit this in. The nuts and bolts of the game don't alter that much, the idea being that each player will command an infantry (or armour) platoon, then the force as a whole has a degree of support which is then dished out. On the whole this is not a problem, but for quite a while we were looking at having six players (fine, 3 on 3) then suddenly the numbers went up to seven. My initial reaction was one of mild horror because it meant balancing the game for a three versus four. However, when I started looking at the way the Stonne game might play out, the imbalance of 3 platoons  against 4 became more and more attractive.

A little Panhard 178. It bogged in the ditch......

The battle at Stonne took place over 4 days commencing on 15th May 1940, with the Germans having the Grossdeutschland motorised infantry regiment, and elements of the 10.PzD (Panzer-Regiment 8)
They were encountering in these scenarios the 3e DIM (Division d'Infanterie Motorisée), supported by 3e DCr (Division Cuirassée)
Looking at the platoon lists for CoC the 1940 German infantry platoons are enormous. Each platoon contains 2 senior leaders and a 50mm mortar team plus 4 x 10 man sections, for a total of 44 men.
The French platoons are a similar size, with 2 platoon leaders (1 senior, 1 junior) a VB rifle grenade team of a junior leader with 4 men. plus 3 sections of 11 for a total of 40 men. 

So if we had seven players, with 3 on the German side and 4 for the French it wouldn't be too bad. 1 player a side would be playing a tank platoon anyway, so it would be 2 German infantry platoons against 3 French, however that is actually 8 German sections opposed to 9 French, making it less unbalanced than first appears. A little extra tweaking by making the Germans "superior regulars" meaning they treat rolls on their command dice of a single six also as a 5, giving them more CoC dice pips during the game, plus increasing the size of their panzer II platoon to a whopping 5 vehicles would compensate for the additional French numbers. Additionally, each German platoon would start with a full Chain of Command Dice. 

Poilus advance, CharB in support 
So I worked on that basis, and prepared everything with 7 players in mind, Then of course Mark called and said " I've got an 8th player"......So the superior regular, and the extra CoC dice went out of the window, and the Panzer platoon was cut from 5 down to 4, and the Germans went up to 3 infantry platoons to make it 4 a side. Also the Germans would not have a significant advantage in support points when they were attacking, while the french would.
 Even after this we had another couple of guys wanting to sign up, but at that late stage we sadly had to say no, and stick with 8, as I think a single game with 5 a side is really stretching it for this rule set - not saying its not possible, but I think the game might suffer.
So that is the format we ended up going with, having said that I'm pretty sure the scenarios will work fine with seven (or 5 for that matter) players if the Germans are bumped up a bit to cater for uneven forces.


Panzerjeager I supports Black Tree and Warlord infantry
The other aspect of the games that numbers have an impact on is the size of the table used for each scenario. The recommendation for Big CoC is that the table size should be the same as for normal CoC (6' x 4')  with an additional foot width per additional infantry platoon added - you add nothing for the armour.
Well, The main table at the WHC is 24' long by 6' deep, and so we already play on a depth of 6' which I prefer over 4'. The patrol phase gets forces into action quickly enough anyway, and having the extra depth gives players a bit more room without slowing things down.
Just adding 2 feet per platoon gives us a width of 8' x 6 " which is fine, but the centres' terrain boards are 3' each so it is convenient to go for a slightly larger width of 9'. a bit more room both on the table and for player comfort. That meant that it wasn't too tricky to divide up the table into 3 sections - 9' at each end and then utilise the central 6' and 3' of one of the other sections to give us 3 x 6' x 9' areas.

The point of all this meant I could set up the entire table beforehand, and players go from game to game  with no great interruptions in order to maximise playing time. Also I think it looks good!

Stonne from west to east: Game 1 at the far end, game 2 in the foreground, game 3 in the centre. The Germans are advancing from the north, the French, the south.

I also planned to have a 4th scenario, which would have meant re-setting the terrain at one end of the table- it would have been that which was fought over in game 2 so we could do it while game 3 was in progress giving plenty of time. As it turned out, we didn't get in 4 games over the weekend, a bit of a shame but, sometimes CoC games can be like that, some go faster than others.

The table was made up simply from having a look at Google Earth, backed up with some excellent maps in Prieser's "Blitzkrieg Legend"- to  get the overall topography. Generally the village hasn't changed enormously since 1940, although it was rebuilt there has been no development sprawl, The critical points haven't changed, in terms of the woods, the road layout, and the extent of the village.Being able to get down at street view is an amazing resource, it shows just how winding and steep the only road the Germans had to approach the village from the north was, as it approaches the Butte De Stonne at the Eastern end of the village, and how despite it appearing very flat on the map, the countryside to the west and south actually has quite a lot of small undulations, the view south from the village is somewhat restricted. At the eastern end of the village the countryside is more wooded and broken, with the road becoming sunken before it winds down back on itself down the steep wooded slope to the north of the village (off- table)

Map showing the initial German attack on Stonne, May 15 at 0800. Influenced by Eric Denis' work. (wikipedia)

Given the nature of playing 3 or possibly 4 games over a weekend in a campaign format with 8 CoC novices I thought that the first scenario should probably be a bit gentle in order to ease them into it, and allow them to possibly make a few mistakes without getting horribly punished. I also wanted to keep it relatively simple.
Given the nature of the fighting in Stonne (the village apparently changed hands 17 times in 3 days), it lent itself to a relatively straightforward narrative: i.e. Attack and counterattack- So I decided to make the first game an attack/defence scenario with the Germans on the offensive at the eastern end of the table, the second game was to be another attack/defence with the French on the offensive at the western end of the table. Game 3 was to be in the central area of the table with the Germans attacking in an "attack on an objective" scenario.
I planned a 4th scenario which was to be played out on new terrain to the east of Stonne and that would have been the French conducting a flank attack. However, time sadly ran out. I'm sure we will do it one day.

The View from east to west, the broken ground of the Butte De Stonne in the foreground

The scene was set:

8 players, hopefully 4 games, Germans versus French at Stonne, one of the iconic battles of the campaign.

What were the salient features of the battle? The Germans had crossed the Meuse a couple of days earlier and were trying to exploit that relatively fragile bridgehead, the French had rapidly managed to assemble a counter attack force. The massif of which Stonne is a small part doesn't readily show up on a map, but have a look at Google Earth and you can see just how important it was for both sides. The village itself is rather innocuous, just a farming village with two roads entering from the south, however, it is the terrain to the north which both sides were focused on. There is a single road which leads out of Stonne to the north, this snakes down the hillside along a steep wooded slope before reaching the more gentle plain. The entire northern side of Stonne is covered in thick fir trees which extend down the steep slope- there is nowhere in the village itself (other than the "Butte de Stonne") which has a view to the north. However, if you hold the town and can establish OP's in this wooded hillside you have a magnificent vista stretching out 4 or 5 kilometres and more to the north, the German bridgeheads, and the routes they will take as they expand. Subsequently this tiny Ardennes village became vitally important.   

French section enters central Stonne

Omicron Protocol, Game Review

This part of the city has been sealed. Whatever happened here was enough for the government to call it quits on anyone and everyone that survived whatever created the CyMS. But we still live. We still have to live. That is why you are going out after supplies. Besides the CyMS, others are going to be after those supplies, so keep your eyes wide and keep it quiet.

-----

Omicron Protocol is a scenario based strategy combat game. There are 2 sides competing to accomplish the objective of the scenario. Although they are not facing off against each other, they are competing for the same objective which means the opposing force has to be dealt with.

I played a prototype of Omicron Protocol as Brendan Kendrick and Bernie Lin of Dead Alive Games were preparing their Kickstarter campaign in 2019.

When I read the backstory for Omicron Protocol, the name created more questions of what happened in our future world to require quarantining a city and leaving the residents to fend for themselves. Omicron is the fifteenth letter of the Greek alphabet. A protocol is an official response of procedure with how to deal with a situation. Usually a diplomatic response from a government, but also used in business dealings. Not only is Omicron the fifteenth letter of the Greek alphabet, in mathematics it is used as the symbol for growth rates, and in other instances it is tied with Omega, the end. This leads the imagination to believe we are far beyond "Plan A" for containment.

We played Omicron Protocolwith three players. Two of us controlled one faction against the other player's faction. The offset didn't put the game out of balance from the point of the pieces on the mat. It is also hard to say if the two-headed team was better than the one. There was an advantage for the two players being able to talk over their strategy. At the same time, the individual player was able to coordinate their actions easier.

There are starter scenarios for learning movement and abilities. The system is straight forward and we found it easy to understand. The number of options available and deciding which was the best path forward to complete the objective was where the difficulty was. That was where the individual had some advantage by handling the entire team instead of just part of it. The multi-player team was able to focus on the character abilities more, which required more conversation and bartering between the players.

Omicron Protocol contains multiple levels of strategy. It started in the pre-game setup when each faction chose the characters to go on the mission. The introductory scenarios have preselected characters; however, in the full game scenarios the player(s) have control. Individual character abilities and how they can interact are important considerations along with how those abilities pair up with the faction's special abilities.

While racing the other faction to achieve the goal you also need to deal with the Cyber-Memetic Sociopaths (CyMS). CyMS (pronounced "sims") are zombies attracted by sound. Any time characters take actions causing noise, there is a chance the CyMS in the area will come to feed. Noise, therefor, is also part of the strategy employed when dealing with the opposing faction.

Playing the Game

The main goal is to complete the objective. Omicron Protocol is not an arena combat (but you could create such a scenario). The backstory is one where people are working to survive the situation they have found themselves in and working to get out of the quarantined city.

In the prototype there were only two factions: the Survivalists and the Peacemakers. It was noted additional factions are planned for. So when you play you will need to decide the faction you are going to play based on their special faction abilities.

Decide on the scenario. Each scenario has specific rules for that game session. They define the objective and the starting layout of the scene.

Players now decide which characters from their faction are going on the mission. The characters are revealed and added to the game board in the scenario designated starting areas.

As the scenario progresses more CyMS enter the playing field. This increases in pressure on completing the objective and the risks players have to take.

Turns alternate between the factions as they take turns with a character. The CyMS take action after each character turn when the conditions are right.

A faction starts their turn with a set number of action points. Those points are divided by the player(s) for all of the characters they have in play—the player needs to balance the use of their action points to utilize all of their characters. This led to some interesting conversations with the team of two players controlling one faction.

Combat uses a dice pool. A number of dice are rolled and those equal to or above the target score hits. The hits are used for several different actions by the character. They can deal damage, trigger abilities, or if the dice are not spent (including those that don't score) they can be used for improving future rolls.

Overall

We enjoyed Omicron Protocolwith its unique presentation and options.

Omicron Protocol has a strong backstory. The backstory along with the additional information in the rulebook allowed us to immerse ourselves into the game scenario. Links to additional stories set in Omicron Protocol were also given.

Players are allowed to develop their own scenarios as they learn the game. It was mentioned in the information that Dead Alive Games will be making more scenarios and working with players to share scenarios developed by the broader community of players. This could also include solitaire and larger group scenarios. I believe the larger group scenarios would be harder and longer to play due to player interaction.

Omicron Protocol was developed by Brendan Kendrick, Bernie Lin and published be Dead Alive Games. It is designed for 2–4 players of ages 13+, and the scenarios are designed to last 60–120 minutes.

-----

Well done on securing the medical supplies. They will go a long ways for those who are still with us. Rest up. We have skimmed some information the government may not have given up completely on us, they're going to be making a food drop tomorrow. We just need to figure out where and at what time.

  

I'm working at keeping my material free of subscription charges by supplementing costs by being an Amazon Associate and having advertising appear. I earn a fee when people make purchases of qualified products from Amazon when they enter the site from a link on Guild Master Gaming and when people click on an ad. If you do either, thank you.

If you have a comment, suggestion, or critique please leave a comment here or send an email to guildmastergaming@gmail.com.

I have articles being published by others and you can find most of them on Guild Master Gaming on Facebookand Twitter(@GuildMstrGmng).

 

Status

Too long without a post.

Hopefully this  won't be the last post on the blog. I am still in draft three of a book, and don't seem to be getting much writing done or even seeing many movie. Distractions and all.

I still have an unfinished story. An unfinished book of parsha shiurim. Several half-baked and nearly baked game designs on the shelf.

However, I am still employed, having a social life, going on a vacation next month. My daughter is married and thriving, my son is thriving, too. Which is all good.

Still have weekly game nights and still get new games occasionally. I just got Concordia, Sushi Go Party, and I am expecting Gentes Deluxe and Haithabu. I am expecting a few thousand new Magic cards soon.

I and my boss have been playing games with three non-gamer coworkers at work every Thursday. It's been half a year, and, aside from Codenames, we have rarely repeated any games. Looks like we may start soon.

The magic of games, those little points, seem insignificant, but it's astonishing how they take a play activity and make people focus on a goal, a start, and an end. It's almost hard to understand why, but it must have something to do with: not only feeling great when you succeed, but wanting others to have a chance to feel great, too. If it didn't, the whole concept of multiplayer games would just fall apart. As long as we still play games together, I think humanity still has hope.

Peace.

Outstanding Nominations

Amanda Kwaza has overseen a number of reforms in MSSA yo create a national federation that delivers even more to its members.

MSSA's Management Board Awards were initiated in 2009 to reward excellence not specifically provided for in MSSA's Constitution. 

When reading through the names of those previously honored, the reader is quickly reminded of MSSA's rich history. The names are not just names, these are the men and women who have made an incredible contribution to the various mind sports in South Africa. 

 Under the direction of MSSA president, Amanda Pakade, MSSA's highest legislative body, being the Annual General Meeting, agreed to widen the scope of such awards in December 2018. Thus the awards are now more representative of MSSA's membership, of the work being done, and of society as a whole. 

MSSA President, Amanda Kwaza, has already expressed her joy and has stated, "Never before has the quality of nomination been as high as those submitted this year. The task now faced by the Management Board is monumental in considering each and every nomination." 

The final winners shall be announced at MSSA's Annual General Meeting (AGM) on 5 December 2020. 

Awards shall be made in the following categories: 

• Mind Sports Person of the Year 
• Board Gamer of the Year 
• Esports Player of the Year 
• Wargamer of the Year 
• Team of the Year 
• Volunteer of the Year 
• Umpire of the Year 
• Coach of the Year 
• Educator of the Year 
• Writer of the Year 
• Social Media Person of the Year 
• Sponsor of the Year

Also read:

• Upcoming events: Free State Online Provincial Championships - 5 September 2020
• Upcoming events: National Team Trials - 19 September 2020
• Calendar of  Events: 2020
• Affiliation: Schools
• Affiliation: Private clubs
• Esports titles selected: MSSA's School Championships.
• Esports titles selected: MSSA's Premier Championships.
• Results of MSSA's 10th Annual Online Championships for High Schools
• Results of MSSA's Western Cape Online Provincial Championships.
• Results: MSSA's 11th Provincial Online Championships
• Results: Gauteng Online Provincial Championships.
• Test Match results: South African Protea DotA 2 team rises triumphant.
• Test Match results: DOTA2: South Africa vs Azerbaijan
• New National Team Selection Criteria
• Selecting the national Protea teams for Mind Sports South Africa.
• Qualifiers: Clash Royale
• Qualifiers: Counter-Strike: GO
• Qualifiers: Dota 2
• Qualifiers: League of Legends
• Qualifiers: Paladins
• Qualifiers: Pro Evolution Soccer
• The road to Eilat
• IESF announces first three titles for 12th World Championships
• IESF's 12th Esports World Championship - Eilat now set to December 6th - 12th, 2020.
• Rankings: Clash Royale
• Rankings: Counter-Strike: GO.
• Rankings: DotA 2 rankings
• Rankings: FIFA '20.
• Rankings: HearthStone
• Rankings: League of Legends
• Rankings: Paladins
• Rankings: PRO EVOLUTION SOCCER (PES)
• Rankings: Street Fighter V
• Rankings: Tekken 7 rankings

Red Dead Redemption 2 | Review, Trailer, Gameplay, & Everything You Need To Know.

Rockstar's most awaited game Read Dead Redemption 2 is almost here, Yeah! Red Dead Redemption 2 will finally be released next month on October 26. Yes, it's been eight years since the original, but everything we've seen so far suggests it will be worth the wait. Rockstar has given us some enticing glimpses of a lush and lively Wild West, packed with colorful characters like the Van der Linde Gang and new protagonist Arthur Morgan.

Quick Facts:

Initial Release Date : 26 october 2018
Developer : Rockstar
Platforms: PlayStation 4, Xbox One

A few fugitives are solitary wolves, yet more often than not the kind that lives long. In Red Dead Redemption 2 you'll travel with a great grouping of mavericks and cheats (A run of the mill Rockstar topic). Some of them you've met previously, similar to Dutch van der Linde, Bill Williamson, and Javier Escuella - all objectives of John Marston's manhunt in the first Red Dead Redemption. In any case, numerous more are new faces that assistance round out the pack as not only a band of hoodlums but rather a little society unto itself.

The First Reveal :

The primary trailer for Red Dead Redemption 2 which was released on October 20, 2016, was somewhat of a mindset piece that exhibited numerous districts in the diversion, while likewise depicting the solemn tone of the fundamental account. In this trailer, we saw a few towns and areas, a considerable lot of which are abounding with life and movement -, for example, farmers stirring up some cows, huntsmen bringing back their pull, and a gathering of subjects hanging out in the general store. Which depicted its mind-boggling illustrations.

Who Are We Playing As?

In spite of the fact that the focal character of Red Dead Redemption, John Marston, assumes some job in the story- - the fundamental hero of the prequel is Arthur Morgan. As Dutch's correct hand man and master for the pack, he'll handle a significant part of the day by day obligations of holding the posse within proper limits - which incorporates a youthful and less-experienced John Marston. With regards to keeping the posse and its locale above water, Morgan is very helpful with grabbing different occupations to guarantee everybody is all around nourished and in great spirits. Be that as it may, as the story advances, he'll start to scrutinize his own determination for Dutch's lifestyle, and whether despite everything he has a place in the group.

What's New In Red Dead Redemption 2?

While the spin-off is to a great extent in an indistinguishable vein from its forerunner, concentrating on the investigation, chasing, shoot-outs, heists, and opposite side-exercises where you'll communicate with various exciting characters- - Red Dead Redemption 2 includes an unquestionably sweeping world to plunge into. 

The respect framework from the first diversion makes an arrival, yet now with undeniable point by point following. Alongside the normal subject, individuals from your locale will respond to how well or how ineffectively you treat them (Which is kinda inventive as we don't get the opportunity to see that a considerable measure). As the lead master, Morgan should deal with a huge amount of duties, for example, asset gathering, obtaining assets, and ensuring everybody in the network is cheerful.

Yeah, It Has Online Multiplayer Mode?

As of now, Rockstar hasn't shared any information on how the online play will work. The first Red Dead Redemption included online free-for-all and group deathmatch style interactivity in the open world, alongside a few community themed missions. While it's protected to accept that these sorts of missions will restore, another long-waiting gossip is the presence of a fight royale mode. Rockstar has as of late affirmed that an open beta for the online mode is planned for multi month after the amusement's dispatch. We will see you when we get the news, So be in contact.

Camping and hunting will be a major part of Red Dead Redemption 2 life.

Being an outlaw means adopting a nomadic lifestyle, That when the camps comes to rescue as being a key part of surviving and thriving on the prairie. Camps will act as a hub where you can get to know gang members, learn secrets and pick extra missions. It feels like relationships with your allies will be key to your experience of the world, and you can improves things by contributing to the camp by hunting, contributing provisions or just sharing your wealth. How much you contribute is optional, there's a lot of world to explore out there on your own, and a lot of hunting and fishing to keep you away, but you can bet there'll be benefits to communal living.

Gameplay :

Rockstar Released the gameplay for Red Dead Redemption last month. If you wanna watch  here's the Gameplay

Pre-Order :

Pre-orders are now live for Red Dead Redemption 2 on Xbox One and PS4. 

Scanning For Padding Oracles

As you might have heard, we recently got our paper on padding oracle attacks accepted to the USENIX Security Conference. In this paper, we describe and evaluate a scanning methodology with which we found several padding oracle vulnerabilities in devices from various vendors. In total, we found that 1.83% of the Alexa Top 1 Million have padding oracle vulnerabilities.

To test whether a server is vulnerable, we specified different padding oracle vectors which we send to the system under test, using different cipher suites and protocol versions. If the server does not behave identically (on both the TLS and TCP layers), we consider it to be vulnerable to a padding oracle attack, since it is leaking information about the plaintext via behavior differences. Depending on the responses to such padding oracle vectors, one can estimate which implementation is responsible for the vulnerability. We contacted quite a few website owners and tried to cooperate with them, to find out which vendors and TLS stacks are responsible for the identified vulnerabilities. You can find our current disclosure status on this issue on https://github.com/RUB-NDS/TLS-Padding-Oracles.
We are currently in contact with other vendors to fix the remaining vulnerabilities, but the some of the rare (in terms of the number of affected hosts) vulnerabilities are currently not attributed. To fix the remaining vulnerabilities, we ask for your assistance to help get rid of this issue. For this purpose, we integrated a standalone version of our padding oracle evaluation tool into our TLS-Scanner (v.2.7) project. This tool allows you (among other things) to evaluate if a specific server is vulnerable.

When the tool detects a vulnerability, it tries to attribute the vulnerability to a specific vendor or CVE. If we already know of the vulnerability of the server you scanned, the tool will print its details. If the tool does not have a description of the vulnerability in its database, it will ask you to notify us about the vulnerable server, such that we can notify the vendor and get the device fixed. To be clear: the tool never sends any data to us - you have the choice of whether to notify us (and what details to include). There is a chance that the tool's attribution is also mistaken, that is, the tool lists a vendor for your host, but you know for sure that you do not use an implementation by this vendor. Please contact us in such cases as well.

How to use the Tool

First, you need to grab hold of the tool. There are 3 ways to get your hands dirty: pre-compiled, self-compiled or Docker. We provide a pre-compiled version of the tool since the compilation process can get quite messy if you are not familiar with java and maven. You can directly download the resulting project here. However, if you also want to play around with the code, you have to compile everything yourself.

Building the TLS-Scanner

For this, you will need (Git), maven (sudo apt-get install maven), OpenJDK-8  (I can guarantee that this version works, other versions might work as well, have not tested it).

You will need to get TLS-Attacker 2.9 (if you do not already have it):

	git clone https://github.com/RUB-NDS/TLS-Attacker.git
	cd TLS-Attacker
	mvn clean install # package is not enough, you need to install it so TLS-Scanner can use it as a library.

view raw gistfile1.txt hosted with ❤ by GitHub

Now we can clone and install the TLS-Scanner

	cd ..
	git clone https://github.com/RUB-NDS/TLS-Scanner.git
	cd TLS-Scanner
	mvn clean package

view raw gistfile1.txt hosted with ❤ by GitHub

Docker

We also provide a Dockerfile, which lets you run the scanner directly

$ docker build . -t tlsscanner

view raw gistfile1.txt hosted with ❤ by GitHub

Getting Started

If you start the TLS-Scanner you should be greeted by a usage info, similar to the one below:

java -jar TLS-Scanner.jar

view raw gistfile1.txt hosted with ❤ by GitHub

 or

docker run -t tlsscanner

view raw gistfile1.txt hosted with ❤ by GitHub

	Usage: <main class> [options]
	Options:
	-aggressiv
	The level of concurrent handshakes (only applies to some resource
	intensive tests)
	Default: 1
	-config
	This parameter allows you to specify a default TlsConfig
	* -connect
	Who to connect to. Syntax: localhost:4433
	-danger
	Integer value (1 - 10) which specifies how aggressive the Scanner should
	test. Default 10
	Default: 10
	-debug
	Show extra debug output (sets logLevel to DEBUG)
	Default: false
	-h, -help
	Prints usage for all the existing commands.
	-implementation
	If you are interessted in the vulnerability of an implementation rather
	than a specific site
	Default: false
	-noColor
	If you use Windows or don't want colored text.
	Default: false
	-quiet
	No output (sets logLevel to NONE)
	Default: false
	-reportDetail
	How detailed do you want the report to be?
	Default: NORMAL
	Possible Values: [ALL, DETAILED, NORMAL, QUICK]
	-scanDetail
	How detailed do you want to scan?
	Default: NORMAL
	Possible Values: [ALL, DETAILED, NORMAL, QUICK]
	-starttls
	Starttls protocol. Choose from ftp, imap, pop3, smtp.
	Default: NONE
	Possible Values: [NONE, FTP, IMAP, POP3, SMTP]
	-threads
	How many threads should execute Probes
	Default: 1
	-timeout
	The timeout used for the scans in ms (default 1000)
	Default: 1000

view raw gistfile1.txt hosted with ❤ by GitHub

This should give you an overview of the supported command line flags. The only really required one is the -connect flag (similar to OpenSSL and TLS-Attacker), with which you specify which host to scan. The most basic command is therefore:

java -jar TLS-Scanner.jar -connect somehost.de

view raw gistfile1.txt hosted with ❤ by GitHub

Your output may look something like this:

	Scanned in: 204s
	Report for hackmanit.de
	--------------------------------------------------------
	Supported Protocol Versions
	TLS10
	TLS11
	TLS12
	--------------------------------------------------------
	Versions
	SSL 2.0 : false
	SSL 3.0 : false
	TLS 1.0 : true
	TLS 1.1 : true
	TLS 1.2 : true
	TLS 1.3 : false
	TLS 1.3 Draft 14 : false
	TLS 1.3 Draft 15 : false
	TLS 1.3 Draft 16 : false
	TLS 1.3 Draft 17 : false
	TLS 1.3 Draft 18 : false
	TLS 1.3 Draft 19 : false
	TLS 1.3 Draft 20 : false
	TLS 1.3 Draft 21 : false
	TLS 1.3 Draft 22 : false
	TLS 1.3 Draft 23 : false
	TLS 1.3 Draft 24 : false
	TLS 1.3 Draft 25 : false
	TLS 1.3 Draft 26 : false
	TLS 1.3 Draft 27 : false
	TLS 1.3 Draft 28 : false
	--------------------------------------------------------
	Supported Ciphersuites
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
	TLS_RSA_WITH_AES_256_GCM_SHA384
	TLS_RSA_WITH_AES_256_CBC_SHA256
	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	TLS_RSA_WITH_AES_128_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
	TLS_RSA_WITH_AES_128_GCM_SHA256
	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
	TLS_RSA_WITH_AES_128_CBC_SHA256
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	--------------------------------------------------------
	Supported in TLS10
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_RSA_WITH_AES_256_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_RSA_WITH_AES_128_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
	--------------------------------------------------------
	Supported in TLS11
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_RSA_WITH_AES_256_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_RSA_WITH_AES_128_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
	--------------------------------------------------------
	Supported in TLS12
	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_RSA_WITH_AES_256_GCM_SHA384
	TLS_RSA_WITH_AES_256_CBC_SHA256
	TLS_RSA_WITH_AES_256_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_RSA_WITH_AES_128_GCM_SHA256
	TLS_RSA_WITH_AES_128_CBC_SHA256
	TLS_RSA_WITH_AES_128_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
	--------------------------------------------------------
	Symmetric Supported
	Null : false
	Export : false
	Anon : false
	DES : false
	SEED : false
	IDEA : false
	RC2 : false
	RC4 : false
	3DES : false
	AES : true
	CAMELLIA : true
	ARIA : false
	CHACHA20 POLY1305 : false
	--------------------------------------------------------
	KeyExchange Supported
	RSA : true
	DH : true
	ECDH : true
	GOST : false
	Kerberos : false
	Plain PSK : false
	PSK RSA : false
	PSK DHE : false
	PSK ECDHE : false
	Fortezza : false
	New Hope : false
	ECMQV : false
	--------------------------------------------------------
	Perfect Forward Secrecy
	Supports PFS : true
	Prefers PFS : true
	Supports Only PFS : false
	--------------------------------------------------------
	Cipher Types Supports
	Stream : false
	Block : true
	AEAD : true
	--------------------------------------------------------
	Ciphersuite General
	Enforces Ciphersuite ordering : true
	--------------------------------------------------------
	Supported Extensions
	SERVER_NAME_INDICATION
	EC_POINT_FORMATS
	HEARTBEAT
	SESSION_TICKET
	RENEGOTIATION_INFO
	--------------------------------------------------------
	Extensions
	Secure Renegotiation : true
	Extended Master Secret : false
	Encrypt Then Mac : false
	Tokenbinding : false
	--------------------------------------------------------
	TLS 1.3 Named Groups
	none
	--------------------------------------------------------
	Supported Named Groups
	SECP256R1
	--------------------------------------------------------
	Supported Compressions
	NULL
	--------------------------------------------------------
	Common Bugs [EXPERIMENTAL]
	Version Intolerant : false
	Ciphersuite Intolerant : false
	Extension Intolerant : false
	CS Length Intolerant (>512 Byte) : false
	Compression Intolerant : false
	ALPN Intolerant : false
	CH Length Intolerant : false
	NamedGroup Intolerant : false
	Empty last Extension Intolerant : false
	SigHashAlgo Intolerant : false
	Big ClientHello Intolerant : false
	2nd Ciphersuite Byte Bug : false
	Ignores offered Ciphersuites : false
	Reflects offered Ciphersuites : false
	Ignores offered NamedGroups : false
	Ignores offered SigHashAlgos : true
	--------------------------------------------------------
	Attack Vulnerabilities
	Padding Oracle : false
	Bleichenbacher : false
	CRIME : false
	Breach : false
	Invalid Curve : false
	Invalid Curve Ephemerals : false
	SSL Poodle : false
	TLS Poodle : false
	CVE-20162107 : false
	Logjam : false
	Sweet 32 : false
	DROWN : false
	Heartbleed : Unknown
	EarlyCcs : false
	--------------------------------------------------------
	Bleichenbacher Details
	CKE_CCS_FIN - No Behavior Difference
	CKE - No Behavior Difference
	CKE_CCS - No Behavior Difference
	CKE_FIN - No Behavior Difference
	--------------------------------------------------------
	PaddingOracle Responsemap
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	--------------------------------------------------------
	RFC
	Checks MAC (AppData) : correct
	Checks MAC (Finished) : correct
	Checks VerifyData : correct
	--------------------------------------------------------
	Certificates
	Fingerprint : 214ee696de3dc367a86c53f08154b1b8725a7992be85a366b7fba38f227bf7f0
	Subject : CN=hackmanit.de
	CommonNames : #311530130603550403130c6861636b6d616e69742e6465
	Valid From : Wed Feb 27 08:51:34 CET 2019
	Valid Till : Tue May 28 09:51:34 CEST 2019
	PublicKey : RSA Public Key [38:68:38:ac:e3:c2:c7:2e:60:d6:0d:dd:35:51:4e:9b:80:5b:fc:83]
	modulus: b2a10f47f793b4fdc487f44a06865f3dc4a49deb14db397f3e1ce575a528ec8a053de24e28c941798f2c66d084132f9c94a8f8693f89e58faf08612f6a95a6d17557ea8ebe4ba78166f02222bc3a2b60f42b67a6e5967ce1b1397fff4a08e3b4d50254309f711b92dfae79a5509aa82b4798c81fdd9f38258fa88f7481c04b76298eb7aa76d0fc465f5d2bcb9901da5e7078eaf5c1b2897b92c8fd18a9e6eab240e8e8b696d42a3f1501cd8404979a8b76c620b4eb0e2e835192e450e896ae7da0a91e04a917b12e4325a649084da873adc2d474fbdd2b14e49171f7ac94e593cb9ae8a92b31275b68fde3e62bc601f7cba81897838b24806a7faec67dafc69d
	public exponent: 10001
	Issuer : C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3
	Signature Algorithm : RSA
	Hash Algorithm : SHA256
	ROCA (simple) : false
	Fingerprint : 25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d
	Subject : C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3
	CommonNames : #312330210603550403131a4c6574277320456e637279707420417574686f72697479205833
	Valid From : Thu Mar 17 17:40:46 CET 2016
	Valid Till : Wed Mar 17 17:40:46 CET 2021
	PublicKey : RSA Public Key [7e:b7:3a:83:81:d9:d9:c1:42:38:24:7a:ff:51:4a:57:d3:bf:4b:68]
	modulus: 9cd30cf05ae52e47b7725d3783b3686330ead735261925e1bdbe35f170922fb7b84b4105aba99e350858ecb12ac468870ba3e375e4e6f3a76271ba7981601fd7919a9ff3d0786771c8690e9591cffee699e9603c48cc7eca4d7712249d471b5aebb9ec1e37001c9cac7ba705eace4aebbd41e53698b9cbfd6d3c9668df232a42900c867467c87fa59ab8526114133f65e98287cbdbfa0e56f68689f3853f9786afb0dc1aef6b0d95167dc42ba065b299043675806bac4af31b9049782fa2964f2a20252904c674c0d031cd8f31389516baa833b843f1b11fc3307fa27931133d2d36f8e3fcf2336ab93931c5afc48d0d1d641633aafa8429b6d40bc0d87dc393
	public exponent: 10001
	Issuer : O=Digital Signature Trust Co.,CN=DST Root CA X3
	Signature Algorithm : RSA
	Hash Algorithm : SHA256
	ROCA (simple) : false
	--------------------------------------------------------
	Certificate Checks
	Expired Certificates : false
	Not yet Valid Certificates : false
	Weak Hash Algorithms : false
	--------------------------------------------------------
	Session
	Supports Session resumption : true
	Supports Session Tickets : true
	--------------------------------------------------------
	Renegotioation & SCSV
	Clientside Secure : false
	Clientside Insecure : false
	--------------------------------------------------------
	HSTS
	Not supported
	--------------------------------------------------------
	HPKP
	Not supported
	--------------------------------------------------------
	HTTPS Response Header
	Date:Thu, 28 Mar 2019 10:39:00 GMT
	Server:Apache
	Location:https://www.hackmanit.de/
	Content-Length:296
	Keep-Alive:timeout=5, max=100
	Connection:Keep-Alive
	Content-Type:text/html; charset=iso-8859-1
	--------------------------------------------------------
	Nonce
	Random : No Duplicates (wip)
	--------------------------------------------------------
	PublicKey Parameter
	EC PublicKey reuse : false
	DH PublicKey reuse : false
	Uses Common DH Primes : true
	2048-bit MODP from RFC 3526
	Uses Non-Prime Moduli : false
	Uses Nonsafe-Prime Moduli : false
	DH Strength : 2048

view raw gistfile1.txt hosted with ❤ by GitHub

By default, TLS-Scanner will run single-threaded. In such cases the scanning will take a while; just how long it will take depends on your server configuration. The scanner also supports multi-threading, which drastically improves the performance. There are two parameters to play around with, -threads, which controls how many different "probes" are executed in parallel, and -aggressive , which controls how many handshakes can be executed simultaneously. If you want the fastest results the following parameters are usually a good choice:

java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100

view raw gistfile1.txt hosted with ❤ by GitHub

But lets get back to the results of the Scanner. Currently the Scanner supports a bunch of well known tests, like supported ciphersuites or protocol versions. These are very similar to what you may be used to from other scanners like ssllabs or testssl.sh.

Padding Oracles

The main advantage of our scanner is the ability to scan for padding oracle vulnerabilities (which is probably why you are reading this post). You will see if you are vulnerable in the "Attack Vulnerabilities" section. For example, when scanning hackmanit.de, the result is false. Good for us! But as you might have seen there is also another section in the scanner report:"PaddingOracle Responsemap"
This section lists the responses of the scanned host for each padding oracle vector, for each cipher suite and protocol version. For hackmanit.de, there is no detected difference in responses, which means hackmanit.de is not vulnerable to the attack:

	PaddingOracle Responsemap
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference

view raw gistfile1.txt hosted with ❤ by GitHub

If we want, we can also look at the concrete responses of the server. For this purpose, we start the scanner with the -reportDetail flag:

java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100 -reportDetail ALL

view raw gistfile1.txt hosted with ❤ by GitHub

With this flag we now get the following details:

	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-47-01 [BAD_RECORD_MAC] ENC X
	BasicMac-24-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[15]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-31 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-31 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-31 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[15]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-25-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-25-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-25-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-25-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X

view raw gistfile1.txt hosted with ❤ by GitHub

So what does this all mean? First of all, we named our malformed records. The interpretation of those names is visualized in the following table:

BasicMac-<position>-<XOR>	A Record with ApplicationData, MAC and padding bytes, where the padding byte at <position> is XOR'd <XOR>
MissingMacByteFirst	A Record without ApplicationData, where the first byte of the MAC is missing
MissingMacByteLast	A Record without ApplicationData, where the last byte of the MAC is missing
Plain FF	A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xFF
Plain 3F	A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xF3
InvPadValMac-[<position>]-<appDataLength>-<paddingBytes>	A Record with invalid padding and valid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The Padding is invalid at <position>.
ValPadInvMac-[<position>]-<appDataLength>-<paddingBytes>	A Record with valid padding and invalid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The MAC is invalid at <position>.
InvPadInvMac-[<position>]-<appDataLength>-<paddingBytes>	A Record with invalid padding and invalid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The MAC is invalid at the first position. The Padding is invalid at <position>.

Next to the name you can see what the actual response from the server was. Alert messages which are in [] brackets indicate that the alert was a fatal alert while () brackets indicate a warning alert. ENC means that the messages were encrypted (which is not always the case). The last symbol in each line indicates the state of the socket. An X represents a closed socket with a TCP FIN, a T indicates that the socket was still open at the time of measurement and an @ indicates that the socket was closed with an RST. So how did Hackmanit respond? We see a [BAD_RECORD_MAC]  ENC X, which means we received an ENCrypted FATAL BAD_RECORD_MAC alert, and the TCP connection was closed with a TCP FIN. If a server appears to be vulnerable, the scanner will execute the scan a total of three times to confirm the vulnerability. Since this response is identical to all our vectors, we know that the server was not vulnerable and the scanner is not re-executing the workflows.

Here is an example of a vulnerable host:

	TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS12 - SOCKET_STATE VULNERABLE
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	MissingMacByteLast [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	Plain FF [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X

view raw gistfile1.txt hosted with ❤ by GitHub

As you can see, this time the workflows got executed multiple times, and the scanner reports the cipher suite and version as vulnerable because of "SOCKET_STATE". This means that in some cases the socket state revealed information about the plaintext. If you look closely, you can see that for ValPadInvMac-[0]-0-59, ValPadInvMac-[8]-0-59 and ValPadInvMac-[15]-0-59 the server failed to close the TCP socket, while for all other vectors the TCP connect was closed with a TCP FIN. The server was therefore vulnerable.

Since the server was vulnerable, TLS-Scanner will also print an additional section: "PaddingOracle Details"

In this section we try to identify the vulnerability. In the example above, TLS-Scanner will print the following:

	PaddingOracle Details
	Identification : Openssl CVE-2019-1559
	CVE : Openssl CVE-2019-1559
	Strength : STRONG
	Observable : true
	If an application encounters a fatal protocol error and then calls
	SSL_shutdown() twice (once to send a close_notify and once to receive one), then OpenSSL can respond differently to the calling application if a 0-byte record is received with invalid padding compared to if a 0-byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data.
	For this to be exploitable, "non-stitched" cipher suites must be in
	use. Stitched cipher suites are optimized implementations of specific commonly used cipher suites. Also, the application must call SSL_shutdown() twice even if a
	protocol error has occurred (applications should not do this, but some do
	anyway).
	This issue does not impact OpenSSL 1.1.1 or 1.1.0.
	OpenSSL 1.0.2 users should upgrade to 1.0.2r.
	--------------------------------------------------------
	Affected Products
	Openssl < 1.0.2r
	If your tested software/hardware is not in this list, please let us know so we can add it here.

view raw gistfile1.txt hosted with ❤ by GitHub

As you can see, we attribute this vulnerability to OpenSSL <1.0.2r. We do so by looking at the exact responses to our malformed records. We additionally print two important facts about the vulnerability: Whether it is observable and its strength. The precise details of these properties are beyond the scope of this blogpost, but the short version is:
If an oracle is observable, a man in the middle attacker can see the differences between the vectors by passively observing the traffic, without relying on browser or application specific tricks. A strong oracle has no limitations in the number of consecutive bytes an attacker can decrypt. If an oracle is STRONG and OBSERVABLE, then an attacker can realistically exploit it. This is the case in the example above.
For more details on this, you will have to wait for the paper.

Attribution

As you can see, we try to fingerprint the responsible device/implementation. However, we were not able to identify all vulnerable implementations yet. If we cannot attribute a vulnerability you will receive the following message:

Could not identify the vulnerability. Please contact us if you know which software/hardware is generating this behavior.

If you encounter this message, we do not know yet who is responsible for this padding oracle and would be happy to know which device/vendor is responsible. If you know who is, please contact us so that we can get in contact with the vendor to fix the issue. To reiterate, the tool never sends any data back to us, and it is your choice whether to contact us manually or not.

There are also some cases in which we can identify the vendor, but the vendor has not patched the vulnerability yet. If you encounter such a host, the scanner will tell you that we know the responsible vendor. To prevent abuse, we do not include further details.

Non-Determinism and Errors

In some cases, the scanner is unable to scan for padding oracles and reports ERROR or non-deterministic responses. The ERROR cases appear if the scanner failed could not handshake with the specified cipher suite and protocol version. This might be due to a bug in the tested TLS-Server or a bug in TLS-Attacker or TLS-Scanner. If you think the handshake fails because of an issue on our side, please open an issue on Github, and we will investigate. The more interesting cases are the non-deterministic ones. In such cases the scanner observed non-identical scan results in three separate scans. This can be due to non-determinism in the software, connection errors, server load or non-homogeneous load balancing. Currently, you will have to analyze these cases manually. In the paper, we excluded such hosts from our study because we did not want to artificially improve our results. But we understand that you as a tester want to know if the server is vulnerable or not. If the server is not truly vulnerable you would see the differences between the answers spread across all the different vectors. If the differences only appear on a subset of malformed records the server is very likely vulnerable. If you are unsure, you can also always scan multiple times (or scan slowly), increase the timeout, or if you are entirely lost get in touch with us. 

How YOU can help

Please use the scanner on all your hosts and check for padding oracle vulnerabilities. If the scanner can identify your vulnerability, a patch should already be available. Please patch your system! If the scanner does not identify the vulnerability (and instructs you to contact us), please contact us with the details (robert.merget@rub.de). If you can provide us with the detailed output of the scanner or even better, the name of the host, with the corresponding vendor, we could match the results with our database and help fix the issue. We can already attribute over 90% of the vulnerabilities, but there is still a lot to be discovered. We mostly scanned the Alexa top 1-million on port 443. Other protocols like IMAPS, POP3S, etc. might have different implementations with different vulnerabilities. If you find vulnerabilities with our tool, please give us credit. It helps us to get more funding for our project.

Issues with the Scanner

A notable feature of our scanner is that we do not actively try to avoid intolerances (like not scanning with a lot of cipher suites in the Hello messages etc.). We believe that doing so would hide important bugs. We are currently experimenting with intolerances checks, but the feature is now still in beta. If we cannot scan a server (most of the time due to intolerances or SNI problems), the scanner will report a lot of intolerances and usually no supported protocol versions. Some intolerances may trick the scanner into reporting false results. At the current stage, we cannot make any guarantees. If you are using this tool during a pentest, it might be smart to rescan with other scanners (like the recently released padcheck tool from our colleague Craig Young) to find the ground truth (this is good advice in general, since other mainstream scanners likely have the same issues). Note however that it is very unlikely that the scanner reports a false positive on a padding oracle scan.

Conclusion

There are still a lot of padding oracle vulnerabilities out there - and a lot of them are still unpatched. We hope you will find some bugs with the tool :) Happy H4cking :D

Acknowlegements

This is joint work from Robert Merget (@ic0nz1), Juraj Somorovsky (@jurajsomorovsky),  Nimrod Aviram (@NimrodAviram), Janis Fliegenschmidt (@JanisFliegens), Craig Young (@craigtweets), Jörg Schwenk (@JoergSchwenk) and (Yuval Shavitt).

Read more

1. Hacker Security Tools
2. Hacking Apps
3. Nsa Hack Tools Download
4. Hacker Tools Free Download
5. Pentest Tools Website Vulnerability
6. Hacking Tools For Mac
7. Pentest Recon Tools
8. Pentest Tools Apk
9. Usb Pentest Tools
10. Hacker Tools Apk Download
11. Hacking Tools For Kali Linux
12. Install Pentest Tools Ubuntu
13. Pentest Tools Bluekeep
14. Pentest Tools Open Source
15. Hacking Tools Github
16. Hack Apps
17. Black Hat Hacker Tools
18. Pentest Tools For Mac
19. Hacking Tools For Beginners
20. Wifi Hacker Tools For Windows
21. World No 1 Hacker Software
22. Hacker Tools Mac
23. Pentest Tools Kali Linux
24. Hacker Tools 2019
25. Hacker Tools List
26. Hacking Tools For Windows
27. Hacker Tools Linux
28. Hacker Tools For Ios
29. Beginner Hacker Tools
30. Hacking Tools For Games
31. Pentest Recon Tools
32. Hacking Tools For Windows Free Download
33. Hacker Hardware Tools
34. New Hacker Tools
35. Hacking Tools For Windows Free Download
36. Hacker Search Tools
37. Hacking Tools Download
38. Pentest Tools Bluekeep
39. Hack Tools
40. Hacker Tools Mac
41. Easy Hack Tools
42. World No 1 Hacker Software
43. How To Make Hacking Tools
44. Pentest Tools For Android
45. Pentest Tools List
46. Hack Tools 2019
47. What Is Hacking Tools
48. Pentest Tools Review
49. Hacker Tools For Windows
50. Nsa Hacker Tools
51. Hacking Tools For Kali Linux
52. Pentest Tools For Windows
53. Hacking Tools 2020
54. Nsa Hack Tools Download
55. Hack Tools For Ubuntu
56. Pentest Tools
57. Hacker Tools Free
58. Hacking Tools Usb
59. Hack Website Online Tool
60. Game Hacking
61. Easy Hack Tools
62. Hacker Search Tools
63. Hack Tools Online
64. Hack Tools 2019
65. Hacking Tools For Windows Free Download
66. Hacker Tools Software
67. Hacking Tools For Windows Free Download
68. Hacker Tools Mac
69. Hack Rom Tools
70. Pentest Tools Framework
71. What Are Hacking Tools
72. Hacker Tools For Mac
73. Best Hacking Tools 2020
74. Hacking Tools
75. Pentest Tools Android
76. Hack Tools Online
77. Hacking Tools For Beginners
78. Best Hacking Tools 2020
79. What Are Hacking Tools
80. Tools Used For Hacking
81. Hacking Tools For Pc
82. Hack Tools For Mac
83. Hacking Tools Hardware
84. Pentest Tools Github
85. Pentest Tools Linux
86. What Are Hacking Tools
87. Hack App
88. Hacking Tools Windows 10
89. Hacking Tools For Kali Linux
90. Pentest Box Tools Download
91. Pentest Tools Port Scanner
92. Pentest Tools Nmap
93. Pentest Tools Linux
94. Hacking Tools Name
95. Hacking Tools For Windows
96. Hacking Tools Online
97. Hacker Tools For Ios
98. Pentest Tools Find Subdomains
99. Pentest Tools Framework
100. Nsa Hacker Tools
101. How To Hack
102. Usb Pentest Tools
103. Pentest Tools For Android
104. Hacking Tools Free Download
105. Hacking Tools Download
106. Pentest Tools Github
107. Hacking Tools For Windows 7
108. Hacking Tools Mac
109. How To Install Pentest Tools In Ubuntu
110. Pentest Reporting Tools
111. Hack Tools For Ubuntu
112. Hacker Tools Hardware
113. Hack Tools Download
114. Hacking Tools Usb
115. Hacker Tools Mac
116. Pentest Tools Url Fuzzer
117. Hack And Tools
118. Pentest Box Tools Download
119. Kik Hack Tools
120. Nsa Hack Tools Download
121. Pentest Tools Github
122. Pentest Tools For Windows
123. Pentest Tools Github
124. Ethical Hacker Tools