Skip to content

This PowerShell script will determine if your connection to external servers over HTTPS is being decrypted by an intercepting proxy such as the internet proxies commonly found in corporate environments. It does this by comparing the SSL intermediate certificate being used for your connection to the true/known SSL certificate for the server.

Notifications You must be signed in to change notification settings

clr2of8/Detect-SSLmitm

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 

Repository files navigation

Detect-SSLmitm

This PowerShell script will determine if your connection to external servers over HTTPS is being decrypted by an intercepting proxy such as the internet proxies commonly found in corporate environments. It does this by comparing the SSL intermediate certificate being used for your connection to the true/known SSL certificate for the server.

Kudos to @malcomvetter for the idea to write this script and for some improvement tips. For example, comparing the intermediate certificate to reduce false positives.

Usage

Load the PowerShell Module functions from the Windows command prompt as follows:

powershell -exec bypass
Import-Module .\Detect-SSLmitm.ps1

Determine which sites (in the url list) are being decrypted by an intercepting proxy:

Detect-SSLmitm

The Output looks like this:

Example Usage

If you would like to configure which sites are checked, open the script and edit the "Uris" list near the bottom, then call the following function.

Get-GoldenHashes

Note, it is important to generate the Golden certificate hashes from a network location known to not decrypt SSL traffic, otherwise you will get false positives.

About

This PowerShell script will determine if your connection to external servers over HTTPS is being decrypted by an intercepting proxy such as the internet proxies commonly found in corporate environments. It does this by comparing the SSL intermediate certificate being used for your connection to the true/known SSL certificate for the server.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published