From e6f9e3e36491f97feebadf3c2fd9714f6cfcbc6e Mon Sep 17 00:00:00 2001 From: Dirk Date: Tue, 14 Jul 2026 22:35:50 +0200 Subject: [PATCH] Add SECURITY.md Minor updates from 3.3dev --- Readme.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Readme.md b/Readme.md index 0103d26..a1f1704 100644 --- a/Readme.md +++ b/Readme.md @@ -11,7 +11,7 @@ [![CI test MacOS](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_macos.yml/badge.svg?branch=3.2)](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_macos.yml) [![Docker](https://img.shields.io/docker/pulls/drwetter/testssl.sh)](https://github.com/testssl/testssl.sh/blob/3.2/Dockerfile.md) ![Mastodon Follow](https://img.shields.io/mastodon/follow/109319848143024146?domain=infosec.exchange) -[![Bluesky](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fpublic.api.bsky.app%2Fxrpc%2Fapp.bsky.actor.getProfile%2F%3Factor%3Dtestssl.bsky.social&query=%24.followersCount&style=social&logo=bluesky&label=Follow%20%40testssl.sh) +![Bluesky](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fpublic.api.bsky.app%2Fxrpc%2Fapp.bsky.actor.getProfile%2F%3Factor%3Dtestssl.bsky.social&query=%24.followersCount&style=social&logo=bluesky&label=Follow%20%40testssl.sh) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/testssl/testssl.sh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) `testssl.sh` is a free command line tool which checks a server's service on @@ -30,8 +30,8 @@ cryptographic flaws. * Reliability: features are tested thoroughly. * Privacy: It's only you who sees the result, not a third party. * Freedom: It's 100% open source. You can look at the code, see what's going on. -* The development is free and open @ GitHub and participation is welcome. -* Unit tests ensure maturity (output is consistent, JSON is valid, runs under Linux+MacOS etc) +* The development is free and open @ GitHub. Participation and contributions are welcome. +* Unit tests ensure maturity: check for consistency, whether JSON is valid, runs under Linux+MacOS, and a lot more! ### License @@ -101,7 +101,7 @@ Given the current manpower we only support n-1 versions. We started a 3.3.dev br * .. it is there for reading. Please do so :-) -- at least before asking questions. See man page in groff, html and markdown format in `~/doc/`. * [https://testssl.sh/](https://testssl.sh/) will help to get you started. * There's also an [AI generated doc](https://deepwiki.com/testssl/testssl.sh), see also below. -* Will Hunt provides a longer [description](https://www.4armed.com/blog/doing-your-own-ssl-tls-testing/) for an older version (2.8), including useful background information. +* Will Hunt provided a longer [description](https://www.4armed.com/blog/doing-your-own-ssl-tls-testing/). While it was written for an older version (2.8), it still includes background information. ### Contributing @@ -121,6 +121,10 @@ https://github.com/testssl/testssl.sh/wiki/Bug-reporting. Nobody can read your t You can also debug yourself, see [here](https://github.com/testssl/testssl.sh/wiki/Findings-and-HowTo-Fix-them). +### Security bug reports + +See [SECURITY.md](https://github.com/testssl/testssl.sh/blob/3.2/SECURITY.md). + ---- ### External/related projects