SSLyze v0.6 Available For Download – SSL Server Configuration Scanning Tool

Find your website's Achilles' Heel

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.


  • SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility
  • Performance testing: session resumption and TLS tickets support
  • Security testing: weak cipher suites, insecure renegation, CRIME and THC-SSL DOS attacks
  • Server certificate validation
  • Support for StartTLS with SMTP and XMPP, and traffic tunneling through an HTTPS proxy
  • Client certificate support for servers performing mutual authentication
  • Scan results can be written to an XML file for further processing

We wrote about SSLyze when it was first released: sslyze – Fast and Full-Featured SSL Configuration Scanner

And for the v0.4 release more recently: SSLyze v0.4 Released – Scan & Analyze SSL Server Configuration

v0.6 is now available and has had some significant improvements, v0.5 saw the addition of a server side check for the CRIME attack, that uses SSL Compression. New in v0.6:

  • Added support for Server Name Indication; see –sni
  • Partial results are returned when the server requires client authentication but no client certificate was provided
  • Preliminary IPv6 support
  • Various bug fixes and better support of client authentication and HTTPS tunneling

Do also check out – TLSSLed v1.2 – Evaluate The Security Of A Target SSL Or TLS (HTTPS) Web Server Implementation – and be SURE to read the excellent comment from William.

You can download SSLyze v0.6 here:

Windows 7/Python
Windows 7/Python

Or read more here.

Posted in: Cryptography, Network Hacking, Web Hacking

, , , , , , , , , , ,

Recent in Cryptography:
- Up1 – Client Side Encrypted Image Host
- PEiD – Detect PE Packers, Cryptors & Compilers
- DROWN Attack on TLS – Everything You Need To Know

Related Posts:

Most Read in Cryptography:
- The World’s Fastest MD5 Cracker – BarsWF - 47,857 views
- Hackers Crack London Tube Oyster Card - 45,334 views
- WPA2 Vulnerability Discovered – “Hole 196” – A Flaw In GTK (Group Temporal Key) - 33,312 views

Comments are closed.