Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2024-11-30 06:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

furher stuff

Dirk Wetter 2017-06-18 17:21:30 +02:00
parent 03dd78b43e
commit 002c11da99
1 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
Man-page.md

@ -10,6 +10,33 @@
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as cryptographic flaws and much more.
The output rate findings by color (screen) or severity (file output) so that you are able to tell whether something is good or bad. The (screen) output has several sections in which classes of checks are being performed. To ease readability on the screen it aligns and indents the output properly.
Except DNS lookups it doesn't use any third parties for checks, it's only you who sees the result and you also can use it internally on your LAN.
Portability is another core feature, it runs under any Unix-like stack (Linux, *BSD, MacOS X, WSL=bash on Windows, Cygwin and MSYS2). ``/bin/bash`` (also version 3) is a prerequisite as well as standard utilities like awk, sed, tr and head. This can be of BSD, System 5 or GNU flavor whereas grep from System V is not yet supported.
### GENERAL
``testssl.sh <hostname>`` is the so-called default run which does a number of checks and puts out the results colorized (ANSI and termcap) on the screen. Following checks are being done (order of appearance):
0) displays a banner (see below), does a DNS lookup also for further IP addresses and does for the returned IP address a reverse lookup. Last but not least a service check is being done.
1) SSL/TLS protocol check
2) standard cipher categories to give you upfront an idea for the ciphers supported
3) checks (perfect) forward secrecy: ciphers and elliptical curves
4) server preferences
5)
6)
### OPTIONS
Options are either short or long options. All options requiring a value can be called with or without '=' e.g. ``testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl <URI>`` is equivalent to ``testssl.sh --starttls smtp --wide --openssl /usr/bin/openssl <URI>``. Some options can also be preset via ENV variables. ``WIDE=true OPENSSL=/usr/bin/openssl testssl.sh --starttls smtp <URI>`` would be the equivalent to the aforementioned examples. Preference has the command line over ENV.
``\<URI\>`` or ``\<FILE\>`` needs always to be the last parameter.
@ -61,6 +88,11 @@ The nmap output always returns IP addresses and -- only if there's a PTR DNS rec
``--assuming-http`` testssl.sh does upfront a protocol detection on the application layer. In cases where for some reasons the usage of HTTP cannot be automatically detected you may want to use this option. It helps you to tell testssl.sh not to skip HTTP specific tests and to run the client simulation with browsers. Sometimes also the severity depends on the application protocol, e.g. SHA1 signed certificates, the lack of any SAN matches and some vulnerabilities will be punished harder when checking a web server as opposed to a mail server.
``-n, --no-dns`` testssl.sh does no DNS lookups. It's useful if you either can't or are not willing to do DNS lookups. The latter applies e.g. to some pentests, the former could e.g. help you to avoid timeouts by DNS lookups.
``--sneaky`` As a friendly feature for the server side testssl.sh uses a user agent ``TLS tester from <URL>`` (HTTP). With this option your traces are less verbose and a firefox user agent is being used. Be aware that it doesn't hide your activities.
##### DEFAULT CHECKS
testssl.sh <options> URI (`testssl.sh URI` does everything except `-E`)