small work on Example section

Dirk Wetter 2017-06-13 09:11:29 +02:00
parent 431c5d7ede
commit 3e00db1dbe

@ -127,10 +127,26 @@ A few file output options can also be preset via environment variables.
`testssl.sh <options> <URI> | aha >output.html` -->
--append if <csvfile> or <jsonfile> exists rather append then overwrite
### STARTTLS
### EXAMPLES
testssl.sh testssl.sh
For STARTTLS you need to aim at the text/plain port, provide ``-t/--smtp`` and the port : ``testssl.sh -t smtp smtp.gmail.com:25`` or e.g. ``testssl.sh -t imap imap.gmx.net:143``. Please note that for plain encrypted ports you do not have to specify the protocol option: ``testssl.sh smtp.gmail.com:465`` tests the encryption on the SMTPS port, ``testssl.sh imap.gmx.net:993`` on the IMAPS port.
does a default run on https://testssl.sh (protocols, standard cipher lists, PFS, server preferences, server defaults, vulnerabilities, testing all (359 possible) ciphers, client simulation.
testssl.sh testssl.net:443
does the same default run as above with the subtle difference that testssl.net has two IPv4 addresses. Both are tested.
testssl.sh --ip=one --wide https://testssl.net:443
does the same checks as above, only (randomly) one IP address is picked. Displayed is everything where possible in wide format.
testssl.sh -t smtp smtp.gmail.com:25
implicilty does a STARTTLS handshake on the plain text port, then check the IPs @ smtp.gmail.com.
testssl.sh --starttls=imap imap.gmx.net:143
does the same on the plain text IMAP port. Please note that for plain TLS-encrypted ports you must not specify the protocol option: ``testssl.sh smtp.gmail.com:465`` tests the encryption on the SMTPS port, ``testssl.sh imap.gmx.net:993`` on the IMAPS port.
### Exit status