• ✨Always Use Forum Private Messages PM For Deal With Vendors✨

    Admin Contacts Jabber: megiddo@jabber.sk Telegram: @Megiddo1

SSLyze

✨ DeeZNuTz

✨ Master ✨
Staff member
Joined
May 15, 2017
Messages
982
Likes
760
Points
1,045
SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers.
Key features include:

  • Fully documented Python API, in order to run scans and process the results directly from Python.
  • Scans are automatically dispatched among multiple processes, making them very fast.
  • Performance testing: session resumption and TLS tickets support.
  • Security testing: weak cipher suites, insecure renegotiation, CRIME, Heartbleed and more.
  • Server certificate validation and revocation checking through OCSP stapling.
  • Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP, PostGres and FTP.
  • Support for client certificates when scanning servers that perform mutual authentication.
  • Scan results can be written to an XML or JSON file for further processing.
  • And much more!
Getting started

SSLyze can be installed directly via pip:

Code:
pip install --upgrade setuptools
pip install sslyze
sslyze --regular www.yahoo.com:443 www.google.com "[2607:f8b0:400a:807::2004]:443"

It is also easy to directly clone the repository and the fetch the requirements:

Code:
git clone https://github.com/nabla-c0d3/sslyze.git
cd sslyze
pip install -r requirements.txt --target ./lib
python -m sslyze --regular www.yahoo.com:443 www.google.com "[2607:f8b0:400a:807::2004]:443"
On Linux, the python-dev package needs to be installed first so that the nassl C extension can be compiled:

Code:
sudo apt-get install python-dev

DOWNLOAD SSLyze
 
Top Bottom