Primary download
sslsmurf-0.9.4.tar.gz
The newest tarball hosted here, announced on May 19, 2004.
Download the tarball
What it does
Accepts local proxy connections, logs requests and responses, and forwards selected requests through SSL so the clear text can be observed at the proxy endpoint.
Primary idea
When the proxy itself is the SSL endpoint, encrypted traffic becomes inspectable before it is forwarded onward.
Platform note
Written for Linux, with an old compilation note for Cygwin preserved in this directory.
Downloads
Latest release and archive
Compatibility
Cygwin build note
Preserved note from Felipe with a library tweak and a small source-level workaround for compiling under Cygwin.
Read the noteContext
Original behavior
The historical page explained the tool inline, including command-line flags and a sample capture against www.rsa.com.
Usage
How it was meant to work
Typical flow
Browser to sslsmurf to destination
You configure the browser to use sslsmurf as its HTTP and HTTPS proxy. sslsmurf accepts local connections, optionally routes through a downstream proxy, and upgrades selected hosts to HTTPS while logging the clear text request and response data.
Command-line
Core options
The original page highlights three essential controls: local listen port with -p, downstream proxy with -P, and one or more hosts to be smurfed with -h.
Output
Captured traffic
Requests and responses were written to standard output, along with SSL socket information and a transcript of the returned traffic.
History
The original project context
sslsmurf was documented directly on the landing page rather than in a separate article. The preserved source archive and compatibility note remain here, but the front page now focuses on what the tool was for and how it was used.