LOW: 64 Bit + DES, RC, MD5 (w/o export ) not offered (OK ) NULL ciphers (no encryption ) not offered (OK )Īnonymous NULL Ciphers (no authentication ) not offered (OK )Įxport ciphers (w/o ADH+NULL ) not offered (OK ) NPN/SPDY h2, http/1.1, http/1.0 (advertised ) Testing protocols via sockets except NPN+ALPN Testssl.sh support following vulnerabilities detection:
Freedom: It’s 100% open source on github. Privacy: It’s only you who sees the result, not a third party. Verbosity: If a particular check cannot be performed because of a missing capability on your client side, you’ll get a warning. Reliability: features are tested thoroughly. Toolbox: Several command line options help you to run your test and configure your output to HTML/JSON/CSV format. Flexibility: You can test any SSL/TLS enabled and STARTTLS service, not only webservers at port 443. Works for multiple platforms: Linux, Mac OSX, FreeBSD, NetBSD and WSL/MSYS2/Cygwin. Testssl.sh is a free and open source command line tool which checks a server’s support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. Do not want to use Qualys SSL Labs SSL Server test. Want to output result as HTML/JSON/CSV format. Want to run TLS/SSL test in CI (Continue Integration) environment. 
Want to use command line to test server TLS/SSL config properly, scan TLS/SSL vulnerabilities.If you want to test server TLS/SSL and have following
Test server prefer protocol+cipher suites. Test website TLS/SSL config and vulnerabilities.
0 kommentar(er)
