diff --git a/Man-page.md b/Man-page.md index c96b989..54eb987 100644 --- a/Man-page.md +++ b/Man-page.md @@ -127,10 +127,26 @@ A few file output options can also be preset via environment variables. `testssl.sh | aha >output.html` --> --append if or exists rather append then overwrite -### STARTTLS +### EXAMPLES + testssl.sh testssl.sh -For STARTTLS you need to aim at the text/plain port, provide ``-t/--smtp`` and the port : ``testssl.sh -t smtp smtp.gmail.com:25`` or e.g. ``testssl.sh -t imap imap.gmx.net:143``. Please note that for plain encrypted ports you do not have to specify the protocol option: ``testssl.sh smtp.gmail.com:465`` tests the encryption on the SMTPS port, ``testssl.sh imap.gmx.net:993`` on the IMAPS port. +does a default run on https://testssl.sh (protocols, standard cipher lists, PFS, server preferences, server defaults, vulnerabilities, testing all (359 possible) ciphers, client simulation. + testssl.sh testssl.net:443 + +does the same default run as above with the subtle difference that testssl.net has two IPv4 addresses. Both are tested. + + testssl.sh --ip=one --wide https://testssl.net:443 + +does the same checks as above, only (randomly) one IP address is picked. Displayed is everything where possible in wide format. + + testssl.sh -t smtp smtp.gmail.com:25 + +implicilty does a STARTTLS handshake on the plain text port, then check the IPs @ smtp.gmail.com. + + testssl.sh --starttls=imap imap.gmx.net:143 + +does the same on the plain text IMAP port. Please note that for plain TLS-encrypted ports you must not specify the protocol option: ``testssl.sh smtp.gmail.com:465`` tests the encryption on the SMTPS port, ``testssl.sh imap.gmx.net:993`` on the IMAPS port. ### Exit status