Encrypt a file using a symmetric key:

openssl enc -aes-256-cbc -salt -in message.txt -out encrypted_message

Decrypt a symmetrically encrypted file:

openssl enc -aes-256-cbc -d -in encrypted_message -out original_message.txt

Encrypt a file using a password-derived key:

openssl enc -aes-256-cbc -pbkdf2 -iter 10000 -in message.txt -out encrypted_message

Generate a random key for symmetric encryption:

openssl rand -base64 32

Generate a private key:

openssl genpkey -algorithm RSA -out private_key.pem

Generate a certificate signing request (CSR):

openssl req -new -key private_key.pem -out csr.pem

Generate a self-signed certificate:

openssl req -new -x509 -key private_key.pem -out certificate.pem

Convert a certificate from PEM to DER format:

openssl x509 -outform der -in certificate.pem -out certificate.der

To generate a 2048-bit RSA key pair:

openssl genrsa -out private_key.pem 2048

To extract the public key from an RSA private key:

openssl rsa -in private_key.pem -pubout -out public_key.pem```

SSL Certificates:

It may contain the sensitive information about the target company. We can find it on the key icon in the URL bar in the most web browsers.

Detect TLS Version: We can also enumerate TLS version as below:

openssl s_client -connect [URL]:443 -tls1
openssl s_client -connect [URL]:443 -tls1_1
openssl s_client -connect [URL]:443 -tls1_2
openssl s_client -connect [URL]:443 -tls1_3