Jump to content
Nytro

FAST FULL-FEATURED SSL SCANNER

Recommended Posts

Posted on 10/02/2016, 13:06 By Johnny Cash

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers.

Key features

  • Multi-processed and multi-threaded scanning: it’s very fast.
  • Support for all SSL protocols, from SSL 2.0 to TLS 1.2.
  • SSLyze can also be used as a library, in order to run scans and process the results directly from Python.
  • Performance testing: session resumption and TLS tickets support.
  • Security testing: weak cipher suites, insecure renegotiation, CRIME, Heartbleed and more.
  • Server certificate validation and revocation checking through OCSP stapling.
  • Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP, PostGres and FTP.
  • Support for client certificates when scanning servers that perform mutual authentication.

Installation
SSLyze can be installed directly via pip:

pip install sslyze

or

git clone https://github.com/nabla-c0d3/sslyze /opt/sslyze
cd /opt/sslyze
pip install -r requirements.txt --target ./lib

Usage
python sslyze_cli.py –regular www.yahoo.com:443 www.google.com

Platforms
SSLyze has been tested on the following platforms:
Windows 7 (32 and 64 bits), Debian 7 (32 and 64 bits), OS X El Capitan.

 

Sursa: http://securityblog.gr/3267/fast-full-featured-ssl-scanner/

  • Upvote 2
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...