SSLyze: A Fast and Full-Featured SSL Scanner!

[Nytro]

[h=1]SSLyze: A Fast and Full-Featured SSL Scanner![/h]by Mayuresh on December 21, 2011

When we wrote the “list of SSL scanners for penetration testers” post, in August this year, little did we know that we would have to update it this soon. We have since updated the list with SSLyze, a fast and full featured SSL scanner. It is brought to us by the iSEC Partners.

SSLyze is a stand-alone Python application that looks for classic SSL mis-configurations, while providing the advanced user with the opportunity to customize the application via a simple plugin interface. This open source, cross-platform tool will help you with analyzing the configuration of SSL servers and for identifying mis-configurations such as the use of outdated protocol versions, weak hash algorithms in trust chains, insecure renegotiation, and session resumption settings. [h=2]Features of SSLyze:[/h]

• Insecure renegotiation testing
  
• Scanning for weak strength ciphers
  
• Checking for SSLv2, SSLv3 and TLSv1 versions
  
• Server certificate information dump and basic validation
  
• Session resumption capabilities and actual resumption rate measurement
  
• Support for client certificate authentication
  
• Simultaneous scanning of multiple servers, versions and ciphers
  

For example, SSLyze can help user’s identify server configurations vulnerable to THC’s recently released SSL DOS attack, by checking the server’s support for client-initiated re-negotiations.

As we have already mentioned, it is cross-platform. It supports 64-bit and 32-bit Windows and Linux operating systems. All it needs is the following sets of packages:

Windows: Python 2.6 or 2.7 and OpenSSL 1.0.0c

Linux: Python 2.6 or 2.7 and OpenSSL 0.9.8+

[h=3]Install SSLyze:[/h]

# yum install python26 openssl
# wget http://sslyze.googlecode.com/files/sslyze-0.3_src.zip
# unzip sslyze-0.3_src.zip
# cd sslyze-0.3_src

[h=3]SSLyze usage:[/h]

$ python sslyze.py [options] www.target1.com www.target2.com:443

It supports the following options to provide a granular control:

1. Regular Scan “–regular“: Performs a regular scan. It’s a shortcut for –sslv2 –sslv3 –tlsv1 –reneg –resum –certinfo=basic.
   
2. OpenSSL Cipher Suites “–sslv2“, “–sslv3“, “–tlsv1“: Lists the SSL 2.0 / SSL 3.0 / TLS 1.0 OpenSSL cipher suites supported by the server.
   
3. Session Renegotiation “–reneg“: Checks whether the server is vulnerable to insecure renegotiation.
   
4. Session Resumption “–resum“: Tests the server for session resumption support, using both session IDs and TLS session tickets (RFC 5077).
   
5. Session Resumption Rate “–resum_rate“: Estimates the average rate of successful session resumptions by performing 100 session resumptions.
   
6. Server Certificate “–certinfo=basic“: Verifies the server’s certificate validity against Mozilla’s trusted root store, and prints relevant fields of the certificate.
   
7. Additional options providing client certificate support and connection timeout variables are also available.
   

[h=3]Download SSLyze:[/h] SSLyze v0.3 – sslyze-0.3_src.zip – Downloads - sslyze - Fast and Full-Featured SSL Scanner - Google Project Hosting

Sursa: SSLyze: A Fast and Full-Featured SSL Scanner! — PenTestIT

[Versus71]

SSLyze changed hosting.

Key features include:

• Multi-processed and multi-threaded scanning (it's fast)
  
• SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility
  
• Performance testing: session resumption and TLS tickets support
  
• Security testing: weak cipher suites, insecure renegotiation, CRIME and more
  
• Server certificate validation and revocation checking through OCSP stapling
  
• Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP and FTP
  
• Support for client certificates when scanning servers that perform mutual authentication
  
• XML output to further process the scan results
  

New link:

https://github.com/iSECPartners/sslyze

https://github.com/iSECPartners/sslyze/archive/master.zip