Your Perfect Cybersecurity Partner

Stay Connected:

SSLYZE

Image

Description

SSLyze is a fast and powerful SSL/TLS scanning library.It allows you to analyze the SSL/TLS configuration of a server by connecting to it, in order to detect various issues (bad certificate, weak cipher suites, Heartbleed, ROBOT, TLS 1.3 support, etc.).

Key features

  •  Fully documented Python API, in order to run scans and process the results directly from Python.
  • Support for TLS 1.3 and early data (0-RTT) testing.
  •  Scans are automatically dispatched among multiple workers, making them very fast.
  •  Performance testing: session resumption and TLS tickets support.
  •  Security testing: weak cipher suites, supported curves, ROBOT, Heartbleed and more.
  •  Server certificate validation and revocation checking through OCSP stapling.
  •  Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP, PostGres and FTP.
  •  Scan results can be written to a JSON file for further processing.

Installation

Install go in your environment and run the below command :

  • Clone the link of sslyze tool from github in your system

       Git clone https://github.com/nabla-c0d3/sslyze.git

  • Change the directory to sslyze

      Cd sslyze

  • Run the tool using following command

      sslyze -h

      sslyze

  •  After that you may find the vulnerabilities in the ssl.

Demo

 

Refrence

https://github.com/nabla-c0d3/sslyze