Description
SSLyze is a fast and powerful SSL/TLS scanning library.It allows you to analyze the SSL/TLS configuration of a server by connecting to it, in order to detect various issues (bad certificate, weak cipher suites, Heartbleed, ROBOT, TLS 1.3 support, etc.).
Key features
- Fully documented Python API, in order to run scans and process the results directly from Python.
- Support for TLS 1.3 and early data (0-RTT) testing.
- Scans are automatically dispatched among multiple workers, making them very fast.
- Performance testing: session resumption and TLS tickets support.
- Security testing: weak cipher suites, supported curves, ROBOT, Heartbleed and more.
- Server certificate validation and revocation checking through OCSP stapling.
- Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP, PostGres and FTP.
- Scan results can be written to a JSON file for further processing.
Installation
Install go in your environment and run the below command :
- Clone the link of sslyze tool from github in your system
Git clone https://github.com/nabla-c0d3/sslyze.git
- Change the directory to sslyze
Cd sslyze
- Run the tool using following command
sslyze -h
sslyze
- After that you may find the vulnerabilities in the ssl.
Demo
Refrence
https://github.com/nabla-c0d3/sslyze