Commit Graph

  • 601c810240 add stderr to line showing "Waiting for test" FIX #750 Dirk 2017-05-19 17:09:47 +0200
  • 041abd57ce FIX #749 and #751 Dirk 2017-05-19 17:00:30 +0200
  • 83b3be5636 update to also reflect dcooper16's work Dirk 2017-05-17 18:56:07 +0200
  • a3c318655d Merge pull request #745 from dcooper16/run_mass_testing_parallel2 Dirk Wetter 2017-05-17 18:34:13 +0200
  • a5e224b082 Update Readme.md Dirk Wetter 2017-05-17 09:03:15 +0200
  • 9d9a658dca More improvements to mass testing in parallel #745 David Cooper 2017-05-16 14:16:35 -0400
  • dfda82aa7d Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev Dirk 2017-05-16 09:46:55 +0200
  • 3b1638f603 small performance improvement for prepare_arrays() by replacing grep + awk by awk only Dirk 2017-05-16 09:45:16 +0200
  • 59a175cba3 changed to Linux Dirk 2017-05-15 20:53:09 +0200
  • 5bb1a67dde Update Readme.md Dirk Wetter 2017-05-15 20:14:11 +0200
  • e8b5a82c7e Considerable reliability improvements for ticketbleed: if a handshake server hello was received, testssl.sh tries 3 times to get memory from the server. If the server returns different memory it's highly likely vulnerable. (some more vulnerable devices to test against would be appreciated). Dirk 2017-05-15 19:47:13 +0200
  • b694930fc2 RFC 5077 states that the server MAY give a hint of the lifetime of the ticket. Sometimes it just does not. In those cases also sometimes session resumption via tickets is supported. Dirk 2017-05-15 13:18:20 +0200
  • 49b1be9f34 fix json/csv output for ticketbleed Dirk 2017-05-15 10:08:34 +0200
  • 8bc57fea9e Merge c94f306030 into 2aa68827b9 #739 dubit0 2017-05-12 16:33:04 +0000
  • b4889a731b Upgraded proxy sockets to use CONNECT 1.0 to avoid proxy problems -- for the time being (see also #741/ #739) Dirk 2017-05-12 18:31:59 +0200
  • 2aa68827b9 don't do double work, reordering stuff Dirk 2017-05-12 17:58:20 +0200
  • f70bc4e08f better platform support, revert to pure /bin/sh, better verbosity... Dirk 2017-05-12 17:21:45 +0200
  • bed1f8cc0d Merge pull request #743 from dcooper16/broken_pipe Dirk Wetter 2017-05-12 16:18:18 +0200
  • 9897debd4d Prevent broken pipe error #743 David Cooper 2017-05-12 09:51:19 -0400
  • 0eb88ff8dc FIX #626 v2.8 2.8 Dirk 2017-05-10 21:04:48 +0200
  • 2750febb2f Merge pull request #740 from dcooper16/run_mass_testing_parallel Dirk Wetter 2017-05-10 18:49:55 +0200
  • 55df788937 Improvements to mass testing in parallel #740 David Cooper 2017-05-10 12:18:59 -0400
  • c94f306030 proxy support: update HTTP CONNECT to conform to RFC2616 #739 dubit0 2017-05-10 09:15:24 +0200
  • 2936a42bc7 address #626 Dirk 2017-05-09 21:58:03 +0200
  • 9ed47eaa19 FIX #718 (added TLS padding to ticketbleed handshake). Also added TLS extension Signature Algorithms Dirk 2017-05-09 17:29:57 +0200
  • 23e6209beb Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev Dirk 2017-05-08 23:55:19 +0200
  • ebd9e6ae65 manually merged #728 (see #423), credits also to @seccubus. Unfortunately the unit tests don't make so much sense atm Dirk 2017-05-08 23:51:37 +0200
  • 53da6da77b Merge pull request #730 from typingArtist/729_catch_read_timeout Dirk Wetter 2017-05-04 22:32:23 +0200
  • 699b48c8b8 lowering severity and taking other clients as browsers into account #735 Dirk 2017-05-04 12:34:20 +0200
  • 19052da1a5 Merge pull request #735 from tkaehn/alert_on_missing_sans Dirk Wetter 2017-05-04 11:52:47 +0200
  • 5293c51bc4 Alert on missing SANs #735 Thomas Kähn 2017-05-04 11:09:27 +0200
  • c9b6ee25b1 Delete 11_hpkp.t Dirk Wetter 2017-05-04 10:29:06 +0200
  • 7d8479f55e temporarily disabled until either a replacement has been coded or host is up again Dirk 2017-05-04 10:14:42 +0200
  • f8d520d087 add STARTTLS_SLEEP_TARPIT option #732 typingArtist 2017-05-01 01:05:34 +0200
  • af409071a5 add support for single character reads as fallback for STARTTLS typingArtist 2017-05-01 00:56:45 +0200
  • 55bbeef36c correctly capture return code in starttls_full_read #730 typingArtist 2017-04-30 19:57:40 +0200
  • 05cfe1de58 Merge branch 'client_simulation' of github.com:drwetter/testssl.sh into client_simulation #728 Dirk 2017-04-28 21:16:44 +0200
  • 1d8299d26c honor stricter file append Dirk 2017-04-28 21:15:56 +0200
  • ba9c056dfc renamed browser --> client simulation Dirk 2017-04-28 20:35:07 +0200
  • c7f88d6600 make travis great again ;-) Dirk 2017-04-27 13:05:45 +0200
  • ef10fc3119 Merge pull request #726 from oerdnj/2.9dev-no-downgrade-breach Dirk Wetter 2017-04-25 23:10:11 +0200
  • c3fd0249f5 Revert "Downgrade BREACH attack to MEDIUM severity (as it depends on many things)" #726 Ondřej Surý 2017-04-25 16:32:06 +0200
  • bd4575e14d Merge pull request #724 from oerdnj/2.9dev Dirk Wetter 2017-04-25 16:27:47 +0200
  • 3d2666ab79 Downgrade BREACH attack to MEDIUM severity (as it depends on many things) #724 Ondřej Surý 2017-04-25 16:17:43 +0200
  • 3fe0975f27 Merge branch '2.9dev-return-code' into 2.9dev Ondřej Surý 2017-04-25 15:19:46 +0200
  • 9c7076b579 $? has an exitcode of the previous if then fi statement, use exit $ret #725 Ondřej Surý 2017-04-25 15:12:01 +0200
  • 4579ed2398 Fix prln usage to outln Ondřej Surý 2017-04-25 15:06:41 +0200
  • 8ea8513529 fixed in Testing server preferences --> Negotiated cipher the empty TMPfile which led to an ugly error Dirk 2017-04-24 19:18:39 +0200
  • f408b7dbb9 Merge 7a9e5127c7 into 7a99549e80 #713 Todd Swatling 2017-04-24 14:34:23 +0000
  • 7a99549e80 Merge pull request #721 from dcooper16/client_simulation_wide_option Dirk Wetter 2017-04-24 16:26:08 +0200
  • eea91a5a61 Merge branch '2.9dev' into client_simulation_wide_option #721 David Cooper 2017-04-24 08:50:53 -0400
  • 01489b9ca1 special treatment for empty serverhello for ticketbleed Dirk 2017-04-24 09:25:23 +0200
  • 2db8e8e8b1 use HAS_NO_SSL2 Dirk 2017-04-22 22:14:06 +0200
  • c8cd1318e9 FIX #719, still work to do for ticketbleed (#655) Dirk 2017-04-22 15:39:18 +0200
  • f8e1ad0b7f add missing # Dirk 2017-04-22 15:19:39 +0200
  • deab58fe26 Add wide option for client simulations David Cooper 2017-04-21 16:27:02 -0400
  • 584c933493 updated user agent for sneaky Dirk 2017-04-21 11:31:42 +0200
  • 7de5e0113b check in Dirk 2017-04-21 11:29:20 +0200
  • 8f61cb8166 saving work... Dirk 2017-04-21 10:52:29 +0200
  • 7b945cc659 Merge ae25166e8c into 28660f7a77 #530 Dirk Wetter 2017-04-21 04:48:27 +0000
  • a4fc081902 cleanup merge mess Dirk 2017-04-20 22:18:14 +0200
  • ed521c9683 save parse*ciphers Dirk 2017-04-20 22:16:17 +0200
  • 59a113b8c9 trying to clean up the merge mess Dirk 2017-04-20 22:07:20 +0200
  • 28660f7a77 corrected pr_warningln Dirk 2017-04-20 17:29:07 +0200
  • 1d992f3620 preview from clientsim branch, important to add now Dirk 2017-04-20 17:24:07 +0200
  • 06e574b5f1 Merge branch 'seccubus-client_simulation' into client_simulation Dirk 2017-04-20 17:00:08 +0200
  • cf382e783b Merge branch 'client_simulation' of github.com:drwetter/testssl.sh into client_simulation Dirk 2017-04-20 16:52:22 +0200
  • df21841847 from #423 Dirk 2017-04-20 16:52:05 +0200
  • cb4d9cc69a Fixed startssl protocol errors. count_lines function always returns at least 1 Frank Breedijk 2016-07-25 11:45:24 +0200
  • 7c676dfc63 FIX #717 -- double meaning of '-h' Dirk 2017-04-19 19:46:54 +0200
  • 869ec9b9c3 Merge pull request #685 from dcooper16/openssl_location Dirk Wetter 2017-04-19 18:23:14 +0200
  • 219a07a620 Merge pull request #716 from gniltaws/2.9dev Dirk Wetter 2017-04-19 18:05:03 +0200
  • 828dda79f3 Merge pull request #715 from dcooper16/travis_check_for_html Dirk Wetter 2017-04-19 16:01:07 +0200
  • ee4975ac8a modified find_openssl_binary() to use TESTSSL_INSTALL_DIR since get_install_dir() works very hard to determine where testssl actually is #716 Todd Swatling 2017-04-19 09:40:56 -0400
  • 6d1aec736e Add Travis test for HTML output #715 David Cooper 2017-04-19 09:19:24 -0400
  • f7540cae57 Merge branch '2.9dev' into openssl_location #685 David Cooper 2017-04-19 09:13:33 -0400
  • 7a9e5127c7 removed unnecessary echo statements based on output from shellcheck "SC2005: Useless echo? Instead of 'echo $(cmd)', just use 'cmd'. " #713 Todd Swatling 2017-04-18 22:52:53 -0400
  • 68d80ce776 based on output from shellcheck "SC2155: Declare and assign separately to avoid masking return values." Todd Swatling 2017-04-18 19:28:50 -0400
  • c4a2ba8b49 vuln count adjusted Dirk 2017-04-19 01:21:13 +0200
  • 51497c9dfb Merge pull request #714 from drwetter/revert-712-travis_check_for_html Dirk Wetter 2017-04-19 00:55:35 +0200
  • 9164230186 Revert "Add Travis test for HTML output" #714 Dirk Wetter 2017-04-19 00:53:38 +0200
  • 5285c26759 Merge pull request #712 from dcooper16/travis_check_for_html Dirk Wetter 2017-04-19 00:38:27 +0200
  • 9ff868b083 fix travis Dirk 2017-04-19 00:35:55 +0200
  • 2469603a7f save also 1x connect for heartbleed() by reusing a previously identified protocol Dirk 2017-04-19 00:30:09 +0200
  • de79bd6b0e implemented ticketbleed (experimental). Renamed other vulnerability checks to easier memorize each check: -H is now --heartbleed instead of --headers, -B is now --breach instead of --heartbleed, -T is now --ticketbleed (was previously --breach) Dirk 2017-04-18 23:15:32 +0200
  • eb62749a29 converted 'egrep' to 'grep -E' for POSIX support, based on output from shellcheck "SC2196: egrep is non-standard and deprecated. Use grep -E instead." Todd Swatling 2017-04-18 17:08:07 -0400
  • ac5b9a8a78 minor polishing, correct handshake length Dirk 2017-04-18 23:06:12 +0200
  • 38859afe5a modified find_openssl_binary() to use TESTSSL_INSTALL_DIR since get_install_dir() works very hard to determine where testssl actually is Todd Swatling 2017-04-18 16:27:38 -0400
  • d8cf074cec removed trailing spaces Todd Swatling 2017-04-18 12:57:54 -0400
  • dd9b3919fc PoC uploaded Dirk 2017-04-16 20:38:47 +0200
  • c76f6019e3 Fix typo #712 David Cooper 2017-04-14 16:31:46 -0400
  • 6d55b2e6f3 Include banner in check David Cooper 2017-04-14 16:25:49 -0400
  • 1249157afd Handle differing HTTP clock skew David Cooper 2017-04-14 11:39:28 -0400
  • d82f809c6d Add Travis test for HTML output David Cooper 2017-04-14 11:24:26 -0400
  • 7747d965d4 Merge branch '2.9dev' into openssl_location David Cooper 2017-04-14 09:12:20 -0400
  • 4b833b7b6e code readability improvements Dirk 2017-04-14 11:26:01 +0200
  • 3d8c8769a9 Merge pull request #709 from dcooper16/fix_616 Dirk Wetter 2017-04-14 11:04:54 +0200
  • 0b9c04350d Merge pull request #710 from dcooper16/debug_output_in_html Dirk Wetter 2017-04-14 11:03:48 +0200
  • 27124a404b Merge branch '2.9dev' into debug_output_in_html #710 David Cooper 2017-04-13 16:34:44 -0400
  • 2bfc0dc1d7 Merge branch '2.9dev' into fix_616 #709 David Cooper 2017-04-13 16:33:57 -0400