I was recently working on a Java-based application that communicated exclusively over SSL. This is a good thing for the application, but a bad thing for someone trying to test it. I naively thought that I could edit a couple of files and boom, be on my way. Alas, what follows is what I had to do to get in between and start understanding the application:
My initial take was that I would use two instances of stunnel (I use 3.x because I am old, crusty, and like the simplicity of the 3.x command line interface), with Blackbag
The link for this article located at Matasano Chargen is no longer available.