Saturday, June 17, 2017

sslscan – Detect SSL Versions & Cipher Suites (Including TLS)

7:50 AM Leave a Reply
sslscan is a very efficient C program that allows you to detect SSL versions & cipher suites (including TLS) and also checks for vulnerabilities like Heartbleed and POODLE.
sslscan - Detect SSL Versions & Cipher Suites (Including TLS)
A useful tool to keep around after you’ve set-up a server to check the SSL configuration is robust. Especially if you’re in an Internet limited environment and you can’t use an Online tool like the excellent Qualsys SSL Labs – https://www.ssllabs.com/ssltest/

Features

sslscan has fairly complete support to detect all versions and ciphers for both SSL and TLS, including vulnerabilities (like Heartbleed and Poodle).
  • Highlight SSLv2 and SSLv3 ciphers in output.
  • Highlight CBC ciphers on SSLv3 (POODLE).
  • Highlight 3DES and RC4 ciphers in output.
  • Highlight PFS+GCM ciphers as good in output.
  • Check for OpenSSL HeartBleed (CVE-2014-0160).
  • Flag expired certificates.
  • Flag weak DHE keys with OpenSSL >= 1.0.2.
  • Experimental Windows & OS X support.
  • Support for scanning PostgreSQL servers.
  • StartTLS support for LDAP.

Usage

You can download sslscan here:

0 comments :