update to also reflect dcooper16's work
This commit is contained in:
parent
a3c318655d
commit
83b3be5636
38
CREDITS.md
38
CREDITS.md
|
@ -21,43 +21,44 @@
|
|||
- JSON and CSV output
|
||||
- CA pinning
|
||||
- Client simulations
|
||||
- CI integration, test cases for it
|
||||
- CI integration, some test cases for it
|
||||
|
||||
* David Cooper
|
||||
- Detection + output of multiple certificates
|
||||
- several cleanups of server certificate related stuff
|
||||
- several fixes
|
||||
- completing parsing of TLS ServerHello messages
|
||||
- testssl.sh -e: testing with a mixture of openssl + sockets
|
||||
- extended parsing of TLS ServerHello messages
|
||||
- testssl.sh -e/-E: testing with a mixture of openssl + sockets
|
||||
- finding more TLS extensions via sockets
|
||||
- extensive CN <--> hostname check
|
||||
- extensive CN+SAN <--> hostname check
|
||||
- seperate check for curves
|
||||
- RFC 7919, key shares extension
|
||||
|
||||
- parallel mass testing!
|
||||
- numerous fixes
|
||||
|
||||
* Thomas Patzke:
|
||||
- Support of supplying timeout value for openssl connect
|
||||
|
||||
- Support of supplying timeout value for openssl connect
|
||||
|
||||
* Oleksandr Nosenko
|
||||
- non-flat JSON support
|
||||
- in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level
|
||||
- non-flat JSON support (--json-pretty)
|
||||
- in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level
|
||||
|
||||
- Christoph Badura
|
||||
- NetBSD fixes
|
||||
|
||||
* Jean Marsault
|
||||
- client auth: ideas, code snipplets
|
||||
|
||||
* Maciej Grela
|
||||
|
||||
* Maciej Grela
|
||||
- colorless handling
|
||||
|
||||
* Olivier Paroz
|
||||
- conversion xxd --> hexdump stuff
|
||||
- conversion xxd --> hexdump stuff
|
||||
|
||||
* @typingArtist
|
||||
- improved BEAST detection
|
||||
|
||||
* @f-s
|
||||
- ARM binary support
|
||||
- ARM binary support
|
||||
|
||||
* Jeroen Wiert Pluimers
|
||||
- Darwin binaries support
|
||||
|
@ -93,15 +94,16 @@
|
|||
* @nvsofts (NV)
|
||||
- LibreSSL patch for GOST
|
||||
|
||||
* Markus Manzke:
|
||||
* Markus Manzke
|
||||
- Fix for HSTS + subdomains
|
||||
- LibreSSL patch
|
||||
|
||||
* Dmitri S
|
||||
- inspiration & help for Darwin port
|
||||
|
||||
* Bug reports:
|
||||
- Viktor Szépe, Olivier Paroz, Jan H. Terstegge, Lorenz Adena, Jonathon Rossi, Stefan Stidl, Frank Breedijk
|
||||
|
||||
Others I forgot to mention which did give me feedback, bug reports and helped one way or another.
|
||||
|
||||
|
||||
##### Last but not least:
|
||||
|
||||
|
@ -109,5 +111,5 @@
|
|||
|
||||
* Ivan Ristic/Qualys for the liberal license which made it possible to use the client data
|
||||
|
||||
* my family for supporting me doing this work
|
||||
* My family for supporting me doing this work
|
||||
|
||||
|
|
27
Readme.md
27
Readme.md
|
@ -1,7 +1,7 @@
|
|||
|
||||
## Intro
|
||||
|
||||
[![Build Status](https://travis-ci.org/drwetter/testssl.sh.svg?branch=master)](https://travis-ci.org/drwetter/testssl.sh)
|
||||
[![Build Status](https://travis-ci.org/drwetter/testssl.sh.svg?branch=master)](https://travis-ci.org/drwetter/testssl.sh)
|
||||
[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/drwetter/testssl.sh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
||||
|
||||
`testssl.sh` is a free command line tool which checks a server's service on
|
||||
|
@ -32,16 +32,16 @@ Here in the _2.9dev branch you find the development version_ of the software
|
|||
-- with new features and maybe some bugs. For the stable version and **a
|
||||
more thorough description of the command line options** please see
|
||||
[testssl.sh](https://testssl.sh/ "Go to the site with the stable version
|
||||
and more documentation") or https://github.com/drwetter/testssl.sh/wiki/Usage-Documentation.
|
||||
and more documentation") or https://github.com/drwetter/testssl.sh/wiki/Usage-Documentation.
|
||||
|
||||
#### Compatibility
|
||||
|
||||
testssl.sh is working on every Linux/BSD distribution out of the box. In 2.9dev most
|
||||
of the limitations of disabled features from the openssl client are gone due to bash-socket-based
|
||||
checks. testssl.sh also works on otherunixoid system out of the box, supposed they have
|
||||
`/bin/bash` and standard tools like sed and awk installed. System V needs to have GNU versions
|
||||
of grep and sed installed. MacOS X and Windows (using MSYS2 or cygwin) work too. OpenSSL
|
||||
version >= 1 is a must. OpenSSL version >= 1.0.2 is needed for better LOGJAM checks and to
|
||||
of the limitations of disabled features from the openssl client are gone due to bash-socket-based
|
||||
checks. testssl.sh also works on otherunixoid system out of the box, supposed they have
|
||||
`/bin/bash` and standard tools like sed and awk installed. System V needs to have GNU versions
|
||||
of grep and sed installed. MacOS X and Windows (using MSYS2 or cygwin) work too. OpenSSL
|
||||
version >= 1 is a must. OpenSSL version >= 1.0.2 is needed for better LOGJAM checks and to
|
||||
display bit strengths for key exchanges.
|
||||
|
||||
Update notification here or @ [twitter](https://twitter.com/drwetter).
|
||||
|
@ -56,17 +56,18 @@ Update notification here or @ [twitter](https://twitter.com/drwetter).
|
|||
* Non-flat JSON support
|
||||
* File output (CSV, JSON flat, JSON non-flat) supports a minimum severity level (only above supplied level there will be output)
|
||||
* Native HTML support instead going through 'aha'
|
||||
* Testing 359 default ciphers (``testssl.sh -e``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
|
||||
* Testing 359 default ciphers (``testssl.sh -e/-E``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
|
||||
* LUCKY13 and SWEET32 checks
|
||||
* Ticketbleed check
|
||||
* LOGJAM: now checking also for known DH parameters
|
||||
* Check for CAA RR
|
||||
* Check for OCSP must staple
|
||||
* Check for OCSP must staple
|
||||
* Check for session resumption (Ticket, ID)
|
||||
* Better formatting of output (indentation)
|
||||
* Choice showing the RFC naming scheme only
|
||||
* Parallel mass testing
|
||||
|
||||
#### Features planned in 2.9dev
|
||||
#### Further features planned in 2.9dev
|
||||
|
||||
https://github.com/drwetter/testssl.sh/issues?q=is%3Aopen+is%3Aissue+milestone%3A2.9dev
|
||||
|
||||
|
@ -88,9 +89,9 @@ Help is needed here.
|
|||
|
||||
#### Bug reports
|
||||
|
||||
Please file bugs in the issue tracker. Do not forget to provide detailed information,
|
||||
see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. (Nobody can read your
|
||||
thoughts -- yet. And only agencies your screen) ;-)
|
||||
Please file bugs in the issue tracker. Do not forget to provide detailed information,
|
||||
see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. Nobody can read your
|
||||
thoughts -- yet. And only agencies your screen ;-)
|
||||
|
||||
----
|
||||
|
||||
|
|
Loading…
Reference in New Issue