Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.

A Kubernetes controller to retrieve Letsencrypt certificates based on service annotationS

DNS lookup service incl EDNS client subnet, fast geolocation for IP or hostname, HTTP response headers, FREAK attack tester and more.

Scalable, open source X.509 certificate management

letskencrypt consists of isolated (jailed, sandboxed, privilege-dropped), independent components. Each of these is responsible for part of the sequence of manipulating a Let's Encrypt certificate for one or more domains:

Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.

acme-client - A Ruby client for the letsencrypt's ACME protocol.

Weak Diffie-Hellman and the Logjam Attack

Cipherli.st - Strong ciphers for Apache, nginx and Lighttpd

Memorable site for testing clients against bad SSL configs.

slscan tests SSL/TLS enabled services to discover supported cipher suites