SSLyze v0.6 Available For Download – SSL Server Configuration Scanning Tool


SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.

Features

  • SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility
  • Performance testing: session resumption and TLS tickets support
  • Security testing: weak cipher suites, insecure renegation, CRIME and THC-SSL DOS attacks
  • Server certificate validation
  • Support for StartTLS with SMTP and XMPP, and traffic tunneling through an HTTPS proxy
  • Client certificate support for servers performing mutual authentication
  • Scan results can be written to an XML file for further processing

We wrote about SSLyze when it was first released: sslyze – Fast and Full-Featured SSL Configuration Scanner

And for the v0.4 release more recently: SSLyze v0.4 Released – Scan & Analyze SSL Server Configuration

v0.6 is now available and has had some significant improvements, v0.5 saw the addition of a server side check for the CRIME attack, that uses SSL Compression. New in v0.6:

  • Added support for Server Name Indication; see –sni
  • Partial results are returned when the server requires client authentication but no client certificate was provided
  • Preliminary IPv6 support
  • Various bug fixes and better support of client authentication and HTTPS tunneling

Do also check out – TLSSLed v1.2 – Evaluate The Security Of A Target SSL Or TLS (HTTPS) Web Server Implementation – and be SURE to read the excellent comment from William.

You can download SSLyze v0.6 here:

Linux/OSXsslyze-0.6_src.zip
Windows 7/Python 32-bitsslyze-0.6_Windows7_Python32.zip
Windows 7/Python 64-bitsslyze-0.6_Windows7_Python64.zip

Or read more here.

Posted in: Cryptography, Networking Hacking, Web Hacking

, , , ,


Latest Posts:


zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors
Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Sandcastle is an Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target's name as the stem argument (e.g. shopify).
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network


Comments are closed.