# Install ssldump with Homebrew, apk, apt, dnf, MacPorts, Nix, zypper

SSLv3/TLS network protocol analyzer. Version 1.9 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:ssldump
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install ssldump
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install ssldump
```

  Evidence: MacPorts ports tree: net/ssldump/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- apk (92%):

```sh
sudo apk add ssldump
```

  Evidence: Alpine Linux edge package indexes: ssldump from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

- Debian apt (92%):

```sh
sudo apt install ssldump
```

  Evidence: Debian stable package indexes: ssldump from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz

- dnf (92%):

```sh
sudo dnf install ssldump
```

  Evidence: Fedora Rawhide package metadata: ssldump from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

- Nix (92%):

```sh
nix profile install nixpkgs#ssldump
```

  Evidence: nixpkgs package indexes: pkgs/by-name/ss/ssldump/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

- zypper (92%):

```sh
sudo zypper install ssldump
```

  Evidence: openSUSE Tumbleweed package metadata: ssldump from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst

## Package facts

- **Package key:** brew:ssldump
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/ssldump>
- **Version:** 1.9
- **Source summary:** SSLv3/TLS network protocol analyzer
- **Homepage:** <https://adulau.github.io/ssldump/>
- **Repository:** <https://github.com/adulau/ssldump>
- **Upstream docs:** <https://adulau.github.io/ssldump>
- **License:** BSD-4-Clause
- **Source archive:** <https://github.com/adulau/ssldump/archive/refs/tags/v1.9.tar.gz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- ssldump (cli)
- ssldump (alias)

## Dependencies

- json-c
- libnet
- libpcap
- openssl@3

## Build dependencies

- cmake

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 1.9
- Local data: ok
- Upstream repository: https://github.com/adulau/ssldump
- Upstream latest detected: v1.9 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

ssldump is an SSLv3/TLS network protocol analyzer with a long package history as a maintained fork of the original 0.9b3 code plus distribution patches.

### Project history

The current upstream README describes the repository as a de facto place for gathering ssldump patches from Debian, other distributions, and pull requests around the original SSLDUMP 0.9b3. Alexandre Dulaunoy's repository imported the original tarball and distribution patch set in 2015, then began tagged 1.x releases in 2019.

Modern ssldump retains the classic packet-analysis role of identifying SSLv3/TLS traffic and printing decoded records, while adding JSON output, JA3 support, IPv6, FAN/1 passive fingerprints, and maintained build/test infrastructure.

### Adoption history

The README lists availability in Alpine Linux, Arch/AUR, EPEL/Fedora-family packages, Debian, Fedora, Kali, Ubuntu, and Homebrew-oriented macOS build instructions. The supplied package metadata also records Homebrew, Debian, dnf, MacPorts, Nix, Ubuntu, and zypper packaging, reflecting ssldump's status as a packaged security-analysis utility rather than only a source checkout.

### How it is used

Typical usage captures live or saved traffic and asks ssldump to decode TLS handshakes or emit JSON for downstream tools such as `jq`. With suitable keying material, it can also decrypt application data, while recent JSON modes expose passive fingerprints for analysis pipelines.

### Why package nerds care

ssldump is significant to package maintainers because it is legacy security tooling kept alive through distribution patches, OpenSSL compatibility work, and feature additions needed by packet-analysis users. Its history illustrates how package ecosystems preserve useful C utilities long after the original upstream becomes inactive.

### Timeline

- 2015: Current repository imported ssldump 0.9b3 and distribution patches.
- 2019: v1.0 tagged after accumulated fixes and TLS/cipher-suite updates.
- 2021: v1.3 and v1.4 series included JSON output work and IPv6 support.
- 2022: v1.5 documentation covered JA3 use cases.
- 2024: v1.9 released with current README identifying it as the maintained de facto patch-gathering repository.

### Related projects

- The README connects ssldump to Passive SSL work, the D4 Project, JA3 fingerprinting, FAN/1 passive fingerprints, and sslsplit-inspired pcap writing.

### Sources

- Git history from https://github.com/adulau/ssldump
- <https://adulau.github.io/ssldump>
- <https://github.com/adulau/ssldump#readme>
- <https://raw.githubusercontent.com/adulau/ssldump/master/ChangeLog>
- source_facts.package-manager


## Security Notes

broad file, network, media, or database tool signal.

- **Geiger risk:** blue / medium
- broad file, network, media, or database tool signal

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** ssldump
- **Version Scheme:** 0
- **Revision:** 0
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Debian apt - ssldump - 1.9-1: normalized package name match | Debian stable package indexes: ssldump from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | SSLv3/TLS network protocol analyzer | https://github.com/adulau/ssldump
- Nix - ssldump: normalized package name match | nixpkgs package indexes: pkgs/by-name/ss/ssldump/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- Ubuntu apt - ssldump - 1.8-1build2: normalized package name match | Ubuntu 24.04 LTS package indexes: ssldump from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | SSLv3/TLS network protocol analyzer | https://github.com/adulau/ssldump
- apk - ssldump - 1.9-r1: normalized package name match | Alpine Linux edge package indexes: ssldump from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | SSLv3/TLS network protocol analyzer | https://github.com/adulau/ssldump
- apk - ssldump-doc - 1.9-r1: normalized package name match | Alpine Linux edge package indexes: ssldump-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | SSLv3/TLS network protocol analyzer (documentation) | https://github.com/adulau/ssldump
- dnf - ssldump - 1.9-4.fc44: normalized package name match | Fedora Rawhide package metadata: ssldump from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | SSL/TLS network protocol analyzer | https://github.com/adulau/ssldump
- zypper - ssldump - 1.9-3.3: normalized package name match | openSUSE Tumbleweed package metadata: ssldump from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst | SSLv3/TLS Network Protocol Analyzer | https://adulau.github.io/ssldump/
- MacPorts - ssldump: normalized package name match | MacPorts ports tree: net/ssldump/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [libnet](https://www.automicvault.com/pkg/brew/libnet/) - Runtime dependency declared by Homebrew.
- [libpcap](https://www.automicvault.com/pkg/brew/libpcap/) - Runtime dependency declared by Homebrew.
- [openssl@3](https://www.automicvault.com/pkg/brew/openssl-3/) - Runtime dependency declared by Homebrew.
- [cmake](https://www.automicvault.com/pkg/brew/cmake/) - Build dependency declared by Homebrew.
- [sslsplit](https://www.automicvault.com/pkg/brew/sslsplit/) - Shares av.db curated category or tags: cli, network-analysis, security, ssl, tls.
- [gmssl](https://www.automicvault.com/pkg/brew/gmssl/) - Shares av.db curated category or tags: cli, security, ssl, tls.
- [gnutls](https://www.automicvault.com/pkg/brew/gnutls/) - Shares av.db curated category or tags: cli, security, ssl, tls.
- [libressl](https://www.automicvault.com/pkg/brew/libressl/) - Shares av.db curated category or tags: cli, security, ssl, tls.
- [mbedtls](https://www.automicvault.com/pkg/brew/mbedtls/) - Shares av.db curated category or tags: cli, security, ssl, tls.
- [silk](https://www.automicvault.com/pkg/brew/silk/) - Shares av.db curated category or tags: cli, network-analysis, security.
- [ssllabs-scan](https://www.automicvault.com/pkg/brew/ssllabs-scan/) - Shares av.db curated category or tags: cli, security, ssl, tls.
- [sslscan](https://www.automicvault.com/pkg/brew/sslscan/) - Shares av.db curated category or tags: cli, security, ssl, tls.
- [stunnel](https://www.automicvault.com/pkg/brew/stunnel/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, openssl, openssl-3, security, ssl.

## Combined YAML source

View the package source record on GitHub. [combined/ssldump.yml](https://github.com/automic-vault/db/blob/main/combined/ssldump.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
