Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-09-18 09:52:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 637812a022 bali out if both flat and pretty JSON outout was specified Dirk 2017-07-10 10:57:48 +02:00
  • 1f76c4d144 Merge branch '2.9dev' into hpkp_bugfix David Cooper 2017-07-06 08:59:00 -04:00
  • bc0c1dc553 FIX #779 Dirk 2017-07-06 13:02:27 +02:00
  • 26ec80e764 run_hpkp() bug fix David Cooper 2017-07-03 14:28:21 -04:00
  • 7aaadf731c Merge pull request #773 from sdann/postgres_cleanup Dirk Wetter 2017-07-01 10:43:05 +02:00
  • 4cb48a1399 Merge branch '2.9dev' into postgres_cleanup Dirk Wetter 2017-07-01 10:25:28 +02:00
  • 02488884bb added experimental label for MySQL STARTTLS protocol Dirk 2017-07-01 10:11:34 +02:00
  • 152c5c225c Merge pull request #774 from sdann/mysql_starttls Dirk Wetter 2017-07-01 10:05:05 +02:00
  • 123db1d694 Add mysql (openssl) starttls support Steven Danneman 2017-06-29 14:57:32 -07:00
  • 2a2e9ebc07 Rename variable as it is not a regex Steven Danneman 2017-06-30 15:57:41 -07:00
  • e4212f4fb3 Remove use of "postgress" with extra 's' for secure Steven Danneman 2017-06-29 14:39:22 -07:00
  • 2d007e4c8b increased verbosity for some standard cipher lists Dirk 2017-06-29 17:58:58 +02:00
  • 62ce04adf0 remove redundant option "false" in --warnings Dirk 2017-06-28 20:28:23 +02:00
  • 9d699d1248 straighten server header markup Dirk 2017-06-22 13:39:37 +02:00
  • ff63700c6e add few more header flags, work on #765 Dirk 2017-06-20 23:18:15 +02:00
  • 4cb435a549 added several insecurity headers Dirk 2017-06-20 11:31:22 +02:00
  • f53c3c1377 removed separate option for SPDY and HTTP/2 , addressing #767 Dirk 2017-06-20 08:43:35 +02:00
  • 4c73afeef8 fix for nmap file parser (not properly assigned ip variable) Dirk 2017-06-14 09:24:20 +02:00
  • 7094c4436f also now honor different ports per host from nmap file. Dirk 2017-06-13 18:42:07 +02:00
  • 531b4453ef new function for guessing "port --> invoking" assignments Dirk 2017-06-13 15:19:28 +02:00
  • 18cbdcc272 Will Hunt Dirk Wetter 2017-06-13 08:41:32 +02:00
  • 0488ef1a5f Will Hunt Dirk Wetter 2017-06-13 08:40:31 +02:00
  • ff37bc3bef Create Readme.md Dirk Wetter 2017-06-13 00:29:44 +02:00
  • f7fdefcdc0 mass testing nmap grep(p)able prefers now hostname instead of ip address in nmap file Dirk 2017-06-12 22:56:36 +02:00
  • e0960c5379 --parallel is now shortcut for --mode=parallel Dirk 2017-06-12 19:07:58 +02:00
  • 241b6e4d2e parallel mass testing mode, Ticketbleed+client auth, parallel mode also for nmap Dirk 2017-06-12 18:23:55 +02:00
  • 1b0ac5ffd6 first version of implicit parsing for nmap greppable files (-oG) Dirk 2017-06-12 17:09:52 +02:00
  • 30d3233cb4 Merge branch 'SAN_preferred' into 2.9dev Dirk 2017-06-09 13:48:28 +02:00
  • 69fa8ca378 several improvements Dirk 2017-06-09 12:45:22 +02:00
  • 15219475e9 strip supplied port automatically Dirk 2017-06-09 11:27:59 +02:00
  • b69505223a added "gmap2testssl.sh": utility which converts grepable nmap output to testssl's file input Dirk 2017-06-09 11:22:11 +02:00
  • 53b6e2cfe8 changed PoC to a 3 rounder test (like testssl.sh) to increase reliability. Dirk 2017-06-07 18:16:18 +02:00
  • 5bb5c19e63 cleanup before addressing #592 Dirk 2017-06-07 09:54:24 +02:00
  • 861b38bce5 Merge pull request #761 from dcooper16/SAN_preferred_update Dirk Wetter 2017-06-07 09:38:22 +02:00
  • dd0fc73be0 SAN_preferred updates David Cooper 2017-06-02 15:28:06 -04:00
  • a8ffa66cad output polishing for must staple Dirk 2017-06-01 18:15:44 +02:00
  • 63cb4ffc5e improved high level sections of DNS in determine_ip_addresses() Dirk 2017-06-01 18:08:13 +02:00
  • a90eb8c9be FIX #744 Dirk 2017-06-01 16:24:45 +02:00
  • f3f29cd85c Merge pull request #760 from dcooper16/fix_757 Dirk Wetter 2017-06-01 15:51:21 +02:00
  • e4f64463a4 FIX #758 Dirk 2017-06-01 15:47:38 +02:00
  • 5807b5e993 Fix #757 David Cooper 2017-06-01 09:36:03 -04:00
  • a73a92b64d Merge branch 'SAN_preferred' of github.com:drwetter/testssl.sh into SAN_preferred Dirk 2017-06-01 15:20:36 +02:00
  • e035dabb13 Trying to address #733, not complete yet (see also #735). Dirk 2017-06-01 15:19:21 +02:00
  • 252cceb5dd Trying to address #735, not complete yet. Dirk 2017-06-01 14:52:19 +02:00
  • 5890677d85 chmodded Dirk 2017-06-01 11:14:52 +02:00
  • de5b2aa042 readded basic check from seccubus whether check via starttls works Dirk 2017-06-01 11:14:04 +02:00
  • bd015b9129 Merge pull request #753 from dcooper16/mass_testing_command_line_error Dirk Wetter 2017-05-31 21:37:54 +02:00
  • 91b9236055 PoC for unit test in bash Dirk 2017-05-31 10:30:02 +02:00
  • 28dadbfb19 Merge branch '2.9dev' into mass_testing_command_line_error David Cooper 2017-05-30 16:52:55 -04:00
  • 55b89ee131 Rename 02_http.t to 32_http.t Dirk Wetter 2017-05-30 22:15:13 +02:00
  • 4afedb45b1 Rename 01_badssl.com.t to 31_badssl.com.t Dirk Wetter 2017-05-30 22:14:19 +02:00
  • 8e1ace839f Merge pull request #755 from dcooper16/stop_parent Dirk Wetter 2017-05-30 21:05:05 +02:00
  • 0f09af8566 Stop parent if child encounters parsing error David Cooper 2017-05-24 17:12:18 -04:00
  • c831dd0fd3 Handle all empty JSON file cases David Cooper 2017-05-23 14:52:25 -04:00
  • 01fb0ba9a2 Merge branch '2.9dev' into mass_testing_command_line_error David Cooper 2017-05-23 08:57:49 -04:00
  • de177a774c fix formatting problem in run_client_simulation() wide mode when CHACHA20/POLY1305-OLD ciphers are encountered and remove 4 columns before protocols. Dirk 2017-05-22 23:04:58 +02:00
  • 1311fe595b Massing testing with command line error David Cooper 2017-05-22 16:57:15 -04:00
  • 26bf3300e8 Delete mapping.txt Dirk Wetter 2017-05-22 11:38:23 +02:00
  • d64fabafd5 completed the commit 601c810240 Dirk 2017-05-19 20:28:18 +02:00
  • 601c810240 add stderr to line showing "Waiting for test" FIX #750 Dirk 2017-05-19 17:09:47 +02:00
  • 041abd57ce FIX #749 and #751 Dirk 2017-05-19 17:00:30 +02:00
  • 83b3be5636 update to also reflect dcooper16's work Dirk 2017-05-17 18:56:07 +02:00
  • a3c318655d Merge pull request #745 from dcooper16/run_mass_testing_parallel2 Dirk Wetter 2017-05-17 18:34:13 +02:00
  • a5e224b082 Update Readme.md Dirk Wetter 2017-05-17 09:03:15 +02:00
  • 9d9a658dca More improvements to mass testing in parallel David Cooper 2017-05-16 14:16:35 -04:00
  • dfda82aa7d Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev Dirk 2017-05-16 09:46:55 +02:00
  • 3b1638f603 small performance improvement for prepare_arrays() by replacing grep + awk by awk only Dirk 2017-05-16 09:45:16 +02:00
  • 59a175cba3 changed to Linux Dirk 2017-05-15 20:53:09 +02:00
  • 5bb1a67dde Update Readme.md Dirk Wetter 2017-05-15 20:14:11 +02:00
  • e8b5a82c7e Considerable reliability improvements for ticketbleed: if a handshake server hello was received, testssl.sh tries 3 times to get memory from the server, If the server returns different memory it's highly likely vulnerable. (some more vulnerable devices to test against would be appreciated). Dirk 2017-05-15 19:47:13 +02:00
  • b694930fc2 RFC 5077 states that the server MAY give a hint of the lifetime of the ticket. Sometimes it just does not. In those case also sometimes session resumption via tickets is supported. Dirk 2017-05-15 13:18:20 +02:00
  • 49b1be9f34 fix json/csv output for ticketbleed Dirk 2017-05-15 10:08:34 +02:00
  • b4889a731b Upgraded proxy sockets to use CONNECT 1.0 to avoid proxy problems -- for the time being (see also #741/ #739) Dirk 2017-05-12 18:31:59 +02:00
  • 2aa68827b9 don't do double work, reordering stuff Dirk 2017-05-12 17:58:20 +02:00
  • f70bc4e08f better platform support, revert to pure /bin/sh, better verbosity... Dirk 2017-05-12 17:21:45 +02:00
  • bed1f8cc0d Merge pull request #743 from dcooper16/broken_pipe Dirk Wetter 2017-05-12 16:18:18 +02:00
  • 9897debd4d Prevent broken pipe error David Cooper 2017-05-12 09:51:19 -04:00
  • 0eb88ff8dc FIX #626 v2.8 2.8 Dirk 2017-05-10 21:04:48 +02:00
  • 2750febb2f Merge pull request #740 from dcooper16/run_mass_testing_parallel Dirk Wetter 2017-05-10 18:49:55 +02:00
  • 55df788937 Improvements to mass testing in parallel David Cooper 2017-05-10 12:18:59 -04:00
  • 2936a42bc7 address #626 Dirk 2017-05-09 21:58:03 +02:00
  • 9ed47eaa19 FIX #718 (added TLS padding to ticketbleed handshake). Also added TLS extension Signature Algorithms Dirk 2017-05-09 17:29:57 +02:00
  • 23e6209beb Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev Dirk 2017-05-08 23:55:19 +02:00
  • ebd9e6ae65 manually merged #728 (see #423), credits also to @seccubus. Unfortunately the unit tests don't make so much sense atm Dirk 2017-05-08 23:51:37 +02:00
  • 53da6da77b Merge pull request #730 from typingArtist/729_catch_read_timeout Dirk Wetter 2017-05-04 22:32:23 +02:00
  • 699b48c8b8 lowering severity and taking other clients as browsers into account #735 Dirk 2017-05-04 12:34:20 +02:00
  • 19052da1a5 Merge pull request #735 from tkaehn/alert_on_missing_sans Dirk Wetter 2017-05-04 11:52:47 +02:00
  • 5293c51bc4 Alert on missing SANs Thomas Kähn 2017-05-04 11:09:27 +02:00
  • c9b6ee25b1 Delete 11_hpkp.t Dirk Wetter 2017-05-04 10:29:06 +02:00
  • 7d8479f55e temporary disabled until either an replacement has been coded or host is up again Dirk 2017-05-04 10:14:42 +02:00
  • 55bbeef36c correctly capture return code in starttls_full_read typingArtist 2017-04-30 19:57:40 +02:00
  • ba9c056dfc renamed browser --> client simulation Dirk 2017-04-28 20:35:07 +02:00
  • ef10fc3119 Merge pull request #726 from oerdnj/2.9dev-no-downgrade-breach Dirk Wetter 2017-04-25 23:10:11 +02:00
  • c3fd0249f5 Revert "Downgrade BREACH attack to MEDIUM severity (as it depends on many things)" Ondřej Surý 2017-04-25 16:32:06 +02:00
  • bd4575e14d Merge pull request #724 from oerdnj/2.9dev Dirk Wetter 2017-04-25 16:27:47 +02:00
  • 3d2666ab79 Downgrade BREACH attack to MEDIUM severity (as it depends on many things) Ondřej Surý 2017-04-25 16:17:43 +02:00
  • 3fe0975f27 Merge branch '2.9dev-return-code' into 2.9dev Ondřej Surý 2017-04-25 15:19:46 +02:00
  • 9c7076b579 $? has an exitcode of the previous if then fi statement, use exit $ret Ondřej Surý 2017-04-25 15:12:01 +02:00
  • 4579ed2398 Fix prln usage to outln Ondřej Surý 2017-04-25 15:06:41 +02:00
  • 8ea8513529 fixed in Testing server preferences --> Negotiated cipher the empty TMPfile which led to an ugly error Dirk 2017-04-24 19:18:39 +02:00