Fast full-featured SSL scanner

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers.

Key features

  • Multi-processed and multi-threaded scanning: it’s very fast.
  • Support for all SSL protocols, from SSL 2.0 to TLS 1.2.
  • SSLyze can also be used as a library, in order to run scans and process the results directly from Python.
  • Performance testing: session resumption and TLS tickets support.
  • Security testing: weak cipher suites, insecure renegotiation, CRIME, Heartbleed and more.
  • Server certificate validation and revocation checking through OCSP stapling.
  • Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP, PostGres and FTP.
  • Support for client certificates when scanning servers that perform mutual authentication.

Installation
SSLyze can be installed directly via pip:

pip install sslyze

or

git clone https://github.com/nabla-c0d3/sslyze /opt/sslyze
cd /opt/sslyze
pip install -r requirements.txt --target ./lib

Usage
python sslyze_cli.py –regular www.yahoo.com:443 www.google.com

Platforms
SSLyze has been tested on the following platforms:
Windows 7 (32 and 64 bits), Debian 7 (32 and 64 bits), OS X El Capitan.

%d bloggers like this: