Mozzarella

Home

Anti Certificate Spoofing

With this tool you can protect yourself against HTTPS certificate spoofing

„Https encryptions are only as secure as your public key is known and verified that it really comes from the server.“

With each new web page, the fingerprint of the certificate is written into the database (it is assumed that the certificate is authentic at that time)
The next time you visit the website you have already visited, the system checks whether the certificate matches. If so, nothing happens and you can go to the website as usual. If not. You will be redirected to our add-on, which will tell you that the website has a different certificate fingerprint. This can have several reasons: 1. the server has a new certificate (the old one has expired) or someone is performing a man in middle attack against you and has a generated certificate authenticated by a CA and the browser would accept it.
In this case the addon blocks access to the website and gives you the choice to visit the page anyway and save the new fingerprint.
In this case you should urgently find out the true SHA256 fingerprint hash of the server and check it before you continue.

Install