Testing TLS/SSL encryption anywhere on any port. https://testssl.sh/
Go to file
Dirk be2a0f613a Merge branch 'master' of github.com:drwetter/testssl.sh
Conflicts:
	openssl-bins/openssl-1.0.2-chacha.pm/openssl32-1.0.2pm-krb5.chacha+poly.asc
	openssl-bins/openssl-1.0.2-chacha.pm/openssl64-1.0.2pm-krb5.chacha+poly.asc
2015-02-05 09:54:24 +01:00
openssl-bins/openssl-1.0.2-chacha.pm Merge branch 'master' of github.com:drwetter/testssl.sh 2015-02-05 09:54:24 +01:00
utils Merge branch 'master' of github.com:drwetter/testssl.sh 2015-02-05 09:54:24 +01:00
CHANGELOG.txt 2014-07-16 19:06:26 +02:00
CREDITS.md @nvsofts for LibreSSL patch 2015-01-29 09:34:32 +01:00
LICENSE Initial commit 2014-07-01 13:55:26 +02:00
mapping-rfc.txt - stripping of leading 0 in testssl.sh needed to be reflected by this file 2014-11-18 11:04:57 +01:00
openssl-rfc.mappping.html TLS_FALLBACK_SCSV 2014-10-30 21:14:50 +01:00
Readme.md Update Readme.md 2015-01-30 10:35:07 +01:00
testssl.sh - checking protoype of tls sockets but not called/working yet 2015-02-04 09:48:34 +01:00

Intro

Gitter

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for a "is this good or bad" decision.

It is working on every Linux distribution out of the box with the limitations of disabled features from the openssl client. It also works on BSD and other Unices out of the box, supposed they have /bin/bash and standard tools like sed and awk installed. MacOS X and Windows (using MSYS2) work too.

On github you will find in the master branch the development version of the software -- with new features and maybe some bugs. For the stable version and a more thorough description of the software please see testssl.sh.

New features in this release are / will be

  • certificate information (done),
  • more HTTP header infos (partly done, needs cleanup and redir check),
  • protocol check via bash sockets (SSLv2: done, rest to be integrated, see directory utils)
  • maybe cipher check via bash sockets (not done yet)
  • debug file handling (ongoing)
  • BEAST (works, need some polishing for the output)

Contributions, feedback, also bug reports are welcome.