SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers.
Key features include:
SSLyze can be installed directly via pip:
It is also easy to directly clone the repository and the fetch the requirements:
DOWNLOAD SSLyze
Key features include:
- Fully documented Python API, in order to run scans and process the results directly from Python.
- Scans are automatically dispatched among multiple processes, making them very fast.
- Performance testing: session resumption and TLS tickets support.
- Security testing: weak cipher suites, insecure renegotiation, CRIME, Heartbleed and more.
- Server certificate validation and revocation checking through OCSP stapling.
- Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP, PostGres and FTP.
- Support for client certificates when scanning servers that perform mutual authentication.
- Scan results can be written to an XML or JSON file for further processing.
- And much more!
SSLyze can be installed directly via pip:
It is also easy to directly clone the repository and the fetch the requirements:
On Linux, the python-dev package needs to be installed first so that the nassl C extension can be compiled:
DOWNLOAD SSLyze