GithubHelp home page GithubHelp logo

isabella232 / sslyze Goto Github PK

View Code? Open in Web Editor NEW

This project forked from adjust/sslyze

0.0 0.0 0.0 2.19 MB

Fast and full-featured SSL scanner

License: GNU General Public License v2.0

Python 100.00%

sslyze's Introduction

SSLyze

Fast and full-featured SSL scanner. Continuation of https://github.com/iSECPartners/sslyze.

Description

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.

Key features include:

  • Multi-processed and multi-threaded scanning (it's fast)
  • SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility
  • Performance testing: session resumption and TLS tickets support
  • Security testing: weak cipher suites, insecure renegotiation, CRIME, Heartbleed and more
  • Server certificate validation and revocation checking through OCSP stapling
  • Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP and FTP
  • Support for client certificates when scanning servers that perform mutual authentication
  • XML output to further process the scan results
  • And much more !

Installation

SSLyze requires Python 2.7; the supported platforms are Windows 7 32/64 bits, Linux 32/64 bits and OS X 64 bits.

SSLyze is statically linked with OpenSSL. For this reason, the easiest way to run SSLyze is to download one the pre-compiled packages available in the GitHub releases section for this project, at https://github.com/nabla-c0d3/sslyze/releases.

Usage

Command line options

The following command will provide the list of available command line options: $ python sslyze.py -h

Sample command line:

$ python sslyze.py --regular www.isecpartners.com:443 www.google.com

See the test folder for additional examples.

Build / nassl

SSLyze is all Python code but since version 0.7, it uses a custom OpenSSL wrapper written in C called nassl. The pre-compiled packages for SSLyze contain a compiled version of this wrapper in sslyze/nassl. If you want to clone the SSLyze repo, you will have to get a compiled version of nassl from one of the SSLyze packages and copy it to sslyze-master/nassl, in order to get SSLyze to run.

The source code for nassl is hosted at https://github.com/nabla-c0d3/nassl.

Py2exe Build

SSLyze can be packaged as a Windows executable by running the following command:

$ python.exe setup_py2exe.py py2exe

Where do the trust stores come from?

The Mozilla, Microsoft, Apple and Java trust stores are downloaded using the following tool: https://github.com/kirei/catt.

License

GPLv2 - See LICENSE.txt.

sslyze's People

Contributors

nabla-c0d3 avatar trolldbois avatar secworks avatar tomrittervg avatar mrseccubus avatar ktwombley avatar l01cd3v avatar ryankoppenhaver avatar graingert avatar travisspencer avatar rogerc avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.