Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2024-12-29 04:49:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

mentioning BiGIP cookies and MongoDB

Browse Source
This commit is contained in:
Dirk 2017-09-27 09:25:22 +02:00
parent ce0a00be37
commit e32479818d
2 changed files with 14 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
doc/testssl.1
View File

@ -222,24 +222,27 @@ Server banner
HTTP date+time
.
.IP "\(bu" 4
Server banner like Linux or other Unix vendor headers
.
.IP "\(bu" 4
Application banner (PHP, RoR, OWA, SharePoint, Wordpress, etc)
.
.IP "\(bu" 4
Reverse proxy headers
.
.IP "\(bu" 4
Linux or other Unix vendor headers
Web server modules
.
.IP "\(bu" 4
Web server module
.
.IP "\(bu" 4
IPv4 address
IPv4 address in header
.
.IP "\(bu" 4
Cookie (including Secure/HTTPOnly flags)
.
.IP "\(bu" 4
Decodes BIG IP F5 cookies
.
.IP "\(bu" 4
Security headers (X\-Frame\-Options, X\-XSS\-Protection, \.\.\., CSP headers)
.
.IP "" 0
@ -543,7 +546,7 @@ implicitly does a STARTTLS handshake on the plain text port, then check the IPs
.IP "" 0
.
.P
does the same on the plain text IMAP port\. Please note that for plain TLS\-encrypted ports you must not specify the protocol option: \fBtestssl\.sh smtp\.gmail\.com:465\fR tests the encryption on the SMTPS port, \fBtestssl\.sh imap\.gmx\.net:993\fR on the IMAPS port\.
does the same on the plain text IMAP port\. Please note that for plain TLS\-encrypted ports you must not specify the protocol option: \fBtestssl\.sh smtp\.gmail\.com:465\fR tests the encryption on the SMTPS port, \fBtestssl\.sh imap\.gmx\.net:993\fR on the IMAPS port\. Also MongoDB which provides TLS support can be tested\.
.
.SH "RFCs and other standards"
.

9
doc/testssl.1.md
View File

@ -156,12 +156,13 @@ If the server provides no matching record in Subject Alternative Name (SAN) but
* HTTP Public Key Pinning (HPKP)
* Server banner
* HTTP date+time
* Server banner like Linux or other Unix vendor headers
* Application banner (PHP, RoR, OWA, SharePoint, Wordpress, etc)
* Reverse proxy headers
* Linux or other Unix vendor headers
* Web server module
* IPv4 address
* Web server modules
* IPv4 address in header
* Cookie (including Secure/HTTPOnly flags)
* Decodes BIG IP F5 cookies
* Security headers (X-Frame-Options, X-XSS-Protection, ..., CSP headers)
@ -349,7 +350,7 @@ implicitly does a STARTTLS handshake on the plain text port, then check the IPs
testssl.sh --starttls=imap imap.gmx.net:143
does the same on the plain text IMAP port. Please note that for plain TLS-encrypted ports you must not specify the protocol option: `testssl.sh smtp.gmail.com:465` tests the encryption on the SMTPS port, `testssl.sh imap.gmx.net:993` on the IMAPS port.
does the same on the plain text IMAP port. Please note that for plain TLS-encrypted ports you must not specify the protocol option: `testssl.sh smtp.gmail.com:465` tests the encryption on the SMTPS port, `testssl.sh imap.gmx.net:993` on the IMAPS port. Also MongoDB which provides TLS support can be tested.
## RFCs and other standards