mentioning BiGIP cookies and MongoDB

Dirk 2017-09-27 09:25:22 +02:00
parent ce0a00be37
commit e32479818d
2 changed files with 14 additions and 10 deletions

@ -222,24 +222,27 @@ Server banner
HTTP date+time HTTP date+time
. .
.IP "\(bu" 4 .IP "\(bu" 4
Server banner like Linux or other Unix vendor headers
.
.IP "\(bu" 4
Application banner (PHP, RoR, OWA, SharePoint, Wordpress, etc) Application banner (PHP, RoR, OWA, SharePoint, Wordpress, etc)
. .
.IP "\(bu" 4 .IP "\(bu" 4
Reverse proxy headers Reverse proxy headers
. .
.IP "\(bu" 4 .IP "\(bu" 4
Linux or other Unix vendor headers Web server modules
. .
.IP "\(bu" 4 .IP "\(bu" 4
Web server module IPv4 address in header
.
.IP "\(bu" 4
IPv4 address
. .
.IP "\(bu" 4 .IP "\(bu" 4
Cookie (including Secure/HTTPOnly flags) Cookie (including Secure/HTTPOnly flags)
. .
.IP "\(bu" 4 .IP "\(bu" 4
Decodes BIG IP F5 cookies
.
.IP "\(bu" 4
Security headers (X\-Frame\-Options, X\-XSS\-Protection, \.\.\., CSP headers) Security headers (X\-Frame\-Options, X\-XSS\-Protection, \.\.\., CSP headers)
. .
.IP "" 0 .IP "" 0
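Review bot: The new item "Server banner like Linux or other Unix vendor headers" is confusing next to the existing "Server banner" entry, because it reads as if vendor headers were a kind of server banner rather than a separate check. Either keep the earlier wording "Linux or other Unix vendor headers" in its new position or merge it into the "Server banner" entry. "Decodes BIG IP F5 cookies" is also the only verb phrase in a list of nouns and the product is spelled "BIG-IP"; something like "F5 BIG-IP cookies (decoded)" would match the surrounding items.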
@ -543,7 +546,7 @@ implicitly does a STARTTLS handshake on the plain text port, then check the IPs
.IP "" 0 .IP "" 0
. .
.P .P
does the same on the plain text IMAP port\. Please note that for plain TLS\-encrypted ports you must not specify the protocol option: \fBtestssl\.sh smtp\.gmail\.com:465\fR tests the encryption on the SMTPS port, \fBtestssl\.sh imap\.gmx\.net:993\fR on the IMAPS port\. does the same on the plain text IMAP port\. Please note that for plain TLS\-encrypted ports you must not specify the protocol option: \fBtestssl\.sh smtp\.gmail\.com:465\fR tests the encryption on the SMTPS port, \fBtestssl\.sh imap\.gmx\.net:993\fR on the IMAPS port\. Also MongoDB which provides TLS support can be tested\.
. .
.SH "RFCs and other standards" .SH "RFCs and other standards"
. .
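Review bot: The appended sentence "Also MongoDB which provides TLS support can be tested\." does not say which of the two cases described just before it applies, the STARTTLS handshake on a plain text port or the plain TLS\-encrypted port where "you must not specify the protocol option". A reader cannot tell from this how to invoke the test. State explicitly whether a protocol option is needed for MongoDB, and give a host:port invocation in the same \fB...\fR form as the SMTPS and IMAPS examples.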

@ -156,12 +156,13 @@ If the server provides no matching record in Subject Alternative Name (SAN) but
* HTTP Public Key Pinning (HPKP) * HTTP Public Key Pinning (HPKP)
* Server banner * Server banner
* HTTP date+time * HTTP date+time
* Server banner like Linux or other Unix vendor headers
* Application banner (PHP, RoR, OWA, SharePoint, Wordpress, etc) * Application banner (PHP, RoR, OWA, SharePoint, Wordpress, etc)
* Reverse proxy headers * Reverse proxy headers
* Linux or other Unix vendor headers * Web server modules
* Web server module * IPv4 address in header
* IPv4 address
* Cookie (including Secure/HTTPOnly flags) * Cookie (including Secure/HTTPOnly flags)
* Decodes BIG IP F5 cookies
* Security headers (X-Frame-Options, X-XSS-Protection, ..., CSP headers) * Security headers (X-Frame-Options, X-XSS-Protection, ..., CSP headers)
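Review bot: "IPv4 address in header" is more specific than the old "IPv4 address" but still leaves out which response headers are inspected and why an address found there is reported. A short qualifier on that bullet would make the finding interpretable from the documentation alone. The same applies to "Decodes BIG IP F5 cookies", which sits directly under the "Cookie (including Secure/HTTPOnly flags)" bullet without saying what the decoded value contains; consider making it a sub-point of the cookie bullet and naming the decoded fields.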
@ -349,7 +350,7 @@ implicitly does a STARTTLS handshake on the plain text port, then check the IPs
testssl.sh --starttls=imap imap.gmx.net:143 testssl.sh --starttls=imap imap.gmx.net:143
does the same on the plain text IMAP port. Please note that for plain TLS-encrypted ports you must not specify the protocol option: `testssl.sh smtp.gmail.com:465` tests the encryption on the SMTPS port, `testssl.sh imap.gmx.net:993` on the IMAPS port. does the same on the plain text IMAP port. Please note that for plain TLS-encrypted ports you must not specify the protocol option: `testssl.sh smtp.gmail.com:465` tests the encryption on the SMTPS port, `testssl.sh imap.gmx.net:993` on the IMAPS port. Also MongoDB which provides TLS support can be tested.
## RFCs and other standards ## RFCs and other standards
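Review bot: The MongoDB sentence added at the end of the paragraph is missing its commas ("Also MongoDB, which provides TLS support, can be tested.") and, unlike the two commands before it, comes with no backticked example. Since this paragraph exists to show which invocation form to use, add a `testssl.sh <host>:<port>` style example for MongoDB and say whether it needs the `--starttls` option shown on the line above or none.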