Skip to content

BoringSSL Inspector

Domain: boringssl-inspector

BoringSSL/TLS inspection domain supporting TLS traffic analysis and certificate inspection.

Profiles

  • workflow
  • full

Typical scenarios

  • TLS traffic analysis
  • Certificate parsing
  • Key log capture

Common combinations

  • boringssl-inspector + network
  • boringssl-inspector + browser

Full tool list (28)

ToolDescription
tls_keylog_enableEnable SSLKEYLOGFILE output for BoringSSL-compatible clients.
tls_keylog_parseParse an SSLKEYLOGFILE and summarize available key material.
tls_keylog_disableDisable SSLKEYLOGFILE capture and unset the environment variable.
tls_decrypt_payloadDecrypt a TLS payload using a provided key, nonce, and algorithm.
tls_keylog_summarizeSummarize the contents of an SSLKEYLOGFILE by label distribution.
tls_keylog_lookup_secretLook up a TLS secret by client random hex from the parsed keylog.
tls_cert_pin_bypassReturn a certificate pinning bypass strategy for the selected platform.
tls_parse_handshakeParse TLS handshake metadata from raw hex.
tls_cipher_suitesList TLS cipher suites.
tls_parse_certificateParse a TLS Certificate message from raw hex and extract fingerprints.
tls_probe_endpointProbe a TLS endpoint and report handshake and certificate details.
tcp_openOpen a TCP session.
tcp_writeWrite data to an open TCP session.
tcp_read_untilRead from an open TCP session until a delimiter or byte limit is reached.
tcp_closeClose an open TCP session.
tls_openOpen a TLS session.
tls_writeWrite data to an open TLS session.
tls_read_untilRead from an open TLS session until a delimiter or byte limit is reached.
tls_closeClose an open TLS session.
websocket_openOpen a WebSocket session.
websocket_send_frameSend a WebSocket frame.
websocket_read_frameRead the next queued WebSocket frame from an open session.
websocket_closeClose an open WebSocket session.
tls_cert_pin_bypass_fridaBypass certificate pinning via Frida injection (supports BoringSSL, Chrome, OkHttp).
net_raw_tcp_sendSend raw TCP data to a remote host; accepts hex or text input.
net_raw_tcp_listenListen on a local TCP port for one incoming connection.
net_raw_udp_sendSend a raw UDP datagram and wait for a response.
net_raw_udp_listenListen on a local UDP port for an incoming datagram.

Released under AGPL-3.0-only