NoSnoop Find out if your HTTPS traffic is being monitored

Description

NoSnoop is a standalone, browser-independent application that will perform SSL/TLS handshakes with a list of 250 popular websites and examine the certificate chains received from each server. It will alert on any unexpected certificates.

NoSnoop will check for obvious cases (such as interception by a local proxy, your employer's SSL inspection gateways, or a malware infection), as well as more advanced attacks (for instance, if the root cert is valid but issued by an unexpected organization or country).

An entire scan typically takes less than 30 seconds.

Note: Currently, NoSnoop only supports Windows 7 and later.


Wait, how does this differ from RCC?

RCC performs a static check on the local certificate store. NoSnoop takes a dynamic approach by analyzing the actual certs your computer receives when connecting to popular websites.




Download





Quick start

No installation needed! Just unzip to any folder, and launch.

Any alerts will be flagged in red.
A cert is marked as "triple-trusted" if it is found in all 3 major trust stores (Microsoft, Mozila, and Google).
This early release is free for use. However, donations are welcome.
As it is a beta, bugs and/or false positive detections should be expected.
Note that NoSnoop might become part of a broader Web PKI product in the near future.


Requirements

● Windows 7 or later
● 1MB disk space


About

I am an infosec expert with 15 years of experience within various large organizations in technology, government and finance. Over the years, I have also released a number of Windows tools aimed at improving online security and privacy.


Privacy

NoSnoop contains no adware, malware or sponsored content of any sort.

This website does not collect any personal information.


FAQ (Coming soon)