testssl.sh/CREDITS.md

185 lines
4.1 KiB
Markdown
Raw Normal View History

2014-11-17 18:47:39 +01:00
Full contribution, see git log.
2020-01-20 12:50:31 +01:00
* Dirk Wetter (creator, maintainer and main contributor)
- Everything what's not mentioned below and is included in testssl.sh's git log
minus what I probably forgot to mention
(too much other things to do at the moment and to list it would be a tough job)
* David Cooper (main contributor)
- Major extensions to socket support for all protocols
- extended parsing of TLS ServerHello messages
- TLS 1.3 support (final and pre-final)
- add several TLS extensions
2017-07-13 14:00:41 +02:00
- Detection + output of multiple certificates
- several cleanups of server certificate related stuff
- testssl.sh -e/-E: testing with a mixture of openssl + sockets
- add more ciphers
- coloring of ciphers
2017-07-13 14:00:41 +02:00
- extensive CN+SAN <--> hostname check
2017-09-20 17:20:24 +02:00
- separate check for curves
2017-07-13 14:00:41 +02:00
- RFC 7919, key shares extension
- keyUsage extension in certificate
- experimental "eTLS" detection
2017-07-13 14:00:41 +02:00
- parallel mass testing!
2017-09-19 17:34:22 +02:00
- RFC <--> OpenSSL cipher name space switches for the command line
- better error msg suppression (not fully installed openssl
2017-09-19 17:34:22 +02:00
- GREASE support
- Bleichenbacher / ROBOT vulnerability test
- several protocol preferences improvements
- pwnedkeys.com support
- CT support
- Lots of fixes and improvements
##### Further credits (in alphabetical order)
2020-01-20 12:50:31 +01:00
* a666
- Bugfix
* Christoph Badura
- NetBSD fixes
2020-09-08 15:34:30 +02:00
* Jim Blankendaal
- maximum certificate lifespan of 398 days
- ssl renegotiation amount variable
- custom http request headers
2020-09-08 15:34:30 +02:00
* Frank Breedijk
- Detection of insecure redirects
- JSON and CSV output
- CA pinning
- Client simulations
- CI integration, some test cases for it
2017-09-19 17:34:22 +02:00
2020-04-20 22:49:48 +02:00
* Steven Danneman
- Postgres and MySQL STARTTLS support
- MongoDB support
* Christian Dresen
- Dockerfile
2020-01-20 12:50:31 +01:00
* csett86
- some MacOSX and Java client handshake data
* Mark Felder
- lots of cleanups
- Shellcheck static analysis
* Laine Gholson
- avahi/mDNS support
- HTTP2/ALPN
- bugfixes
- former ARM binary support
* Maciej Grela
- colorless handling
2020-01-20 12:50:31 +01:00
* Jac2NL
- initial support for skipping offensive vulnerability tests
* Scott Johnson
- Bugfix F5
* Hubert Kario
- helped with avoiding accidental TCP fragmentation
2020-04-20 22:49:48 +02:00
* Magnus Larsen
- SSL Labs Rating
* Jacco de Leeuw
- skip checks which might trigger an IDS ($OFFENSIVE / --ids-friendly)
* Manuel
- HTTP basic auth
* Markus Manzke
- Fix for HSTS + subdomains
- LibreSSL patch
* Jean Marsault
- client auth: ideas, code snipplets
* Thomas Martens
- adding colorblind option
- no-rfc mapping
* Peter Mosmans
- started way better cmd line parsing
- cleanups, fixes
- openssl sources support with the "missing" features
* John Newbigin
- Proxy support (sockets and openssl)
2016-11-21 09:05:56 +01:00
* Oleksandr Nosenko
- non-flat JSON support (--json-pretty)
- in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level
2016-10-03 20:21:38 +02:00
* Jonathan Roach
- TLS_FALLBACK_SCSV checks
2016-01-30 23:57:00 +01:00
* Jonathon Rossi
- fix for bash3 (Darwin)
- and other Darwin fixes
* Дилян Палаузов
- bug fix for 3des report
- reported a tricky STARTTLS bug
* Thomas Patzke:
- Support of supplying timeout value for openssl connect
2015-06-29 23:31:51 +02:00
2015-07-21 10:25:17 +02:00
* Olivier Paroz
- conversion xxd --> hexdump stuff
2015-07-21 10:25:17 +02:00
2015-08-04 10:33:48 +02:00
* Jeroen Wiert Pluimers
2016-10-03 20:21:38 +02:00
- Darwin binaries support
2015-08-04 10:33:48 +02:00
2020-01-20 12:50:31 +01:00
* Joao Poupino
- Minimize false positive detection for Renegotiation checks against Node.js etc.
2015-07-21 10:25:17 +02:00
* Rechi
2017-07-13 14:00:41 +02:00
- initial MX stuff
- fixes
2015-06-29 23:31:51 +02:00
* Gonçalo Ribeiro
- --connect-timeout
* Dmitri S
- inspiration & help for Darwin port
2015-03-17 22:14:05 +01:00
2020-05-01 18:03:19 +02:00
* Jonas Schäfer
- XMPP server patch
* Marcin Szychowski
- Quick'n'dirty client certificate support
2015-08-02 00:07:08 +02:00
* Viktor Szépe
2017-07-13 14:00:41 +02:00
- color function maker
2015-08-02 00:07:08 +02:00
* Julien Vehent
- supplied 1st Darwin binary
2016-02-01 22:41:36 +01:00
2020-01-20 12:50:31 +01:00
* Thomas Ward
- add initial IDN support
* @typingArtist
- improved BEAST detection
* @f-s
- ARM binary support
2015-07-21 10:25:17 +02:00
2015-03-13 12:21:06 +01:00
* @nvsofts (NV)
2017-07-13 14:02:33 +02:00
- LibreSSL patch for GOST
2015-03-13 12:21:06 +01:00
Probably more I forgot to mention which did give me feedback, bug reports and helped one way or another.
2014-11-17 18:47:39 +01:00
2014-11-17 18:59:57 +01:00
##### Last but not least:
2014-11-17 18:47:39 +01:00
* OpenSSL team for providing openssl.
* Ivan Ristic/Qualys for the liberal license which made it possible to make partly use of the client data
2014-11-17 18:47:39 +01:00
* My family for supporting me doing this work