testssl.sh/Readme.md

35 lines
2.1 KiB
Markdown
Raw Normal View History

2014-07-02 09:40:02 +02:00
## Intro
2015-01-27 23:45:51 +01:00
[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/drwetter/testssl.sh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
2015-04-16 21:05:23 +02:00
`testssl.sh` is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.
2014-07-02 09:40:02 +02:00
2015-04-16 21:05:23 +02:00
It is working on every Linux distribution out of the box with some limitations of disabled features from the openssl client (some workarounds are done with bash socket based checks). It also works on BSD and other Unices out of the box, supposed they have `/bin/bash` and standard tools like sed and awk installed. MacOS X and Windows (using MSYS2) work too.
2014-07-02 09:40:02 +02:00
2015-01-26 12:37:00 +01:00
On github you will find in the master branch the development version of the software -- with new features and maybe some bugs. For the stable version and a more thorough description of the software please see [testssl.sh](https://testssl.sh/ "Go to the site with the stable version and more documentation").
2015-01-16 17:16:22 +01:00
2015-04-23 09:25:28 +02:00
New features in the upcoming release are:
2015-01-16 17:16:22 +01:00
2015-04-16 21:05:23 +02:00
* "only one cmd line option at a time": completely gone
2015-04-23 09:25:28 +02:00
* several tuning parameters on the cmd line (only available through environment variables b4): --assuming-http, --ssl-native, --sneaky, --warnings, --color, -- debug, --long
2015-04-10 10:13:30 +02:00
* certificate information: done,
2015-04-23 08:48:28 +02:00
* more HTTP header infos (cookies+security headers): done.
2015-04-10 10:13:30 +02:00
* protocol check via bash sockets, SSLv2+v3: done
* maybe: cipher check via bash sockets: for now only with development option -q
* debug file handling: done so far
2015-04-23 08:48:28 +02:00
* BEAST: done, maybe needs long output as option
* FREAK: done
2015-04-23 09:25:28 +02:00
* Secure Client-Initiated Renegotiation: done
2015-04-23 08:48:28 +02:00
* cosmetic code cleanups
* bugfixing
2014-09-01 10:22:48 +02:00
2015-04-23 08:48:28 +02:00
Bottom line: Expect no further big features now. Plan is to stabilize, bug fix and make a 2.4 release before next bigger development stage.
2015-04-16 21:05:23 +02:00
2015-03-02 13:59:45 +01:00
Contributions, feedback, also bug reports are welcome. For contributions please note: One patch per feature -- bug fix/improvement.
2014-07-02 09:40:02 +02:00
2015-04-10 10:13:30 +02:00
Update notification here or @ [twitter](https://twitter.com/drwetter).
2014-07-02 09:40:02 +02:00