DetecTor is an open source project to implement client side SSL/TLS MITM detection, compromised CA detection and server impersonation detection, by making use of the Tor network.

Read the DetecTor design and vision - (pdf)

Material presented at #30C3 conference: Lightning talk video, transcript and workshop slides.

Status: Early development. A sphere-probe utility (beta) is available (monitor your own server and alert on unexpected MITM certificates, or check for certificate consistency of direct and remote connections). Transparent integration into SSL/TLS client protocol code of the NSS library is intended.

Latest source code snapshot: sphere-detection-0.2.tar.gz

Source code repository: sphere-detection on GitHub

To discuss the design and related software: mailing list or IRC channel #detector on Freenode.

For major announcements: follow me

Older documents and downloads.

The DetecTor project is independent of the Tor project, but encourages the use of the Tor software and the Tor network for its purposes. While a major goal of the Tor project is to implement anonymity, the DetecTor project doesn't attempt to achieve anonymity, but utilizes the distributed nature of the Tor network.