Footprinting, Reconnaissance

SSL Protocol Scanner – Reconnaissance

sslscan – queries SSL/TLS enabled services, such as HTTPS, to discover supported cipher suites. The output includes prefered ciphers of the SSL service, the certificate and is in Text and XML formats.


sslscan [Options] [host:port | host]


--targets=<file>     A file containing a list of hosts to check.
                       Hosts can  be supplied  with ports (host:port)
  --ipv4               Only use IPv4
  --ipv6               Only use IPv6
  --failed             Show unsupported ciphers.
  --show-certificate   Show full certificate information.
  --no-check-certificate      Don't warn about weak certificate algorithm or keys.
  --show-client-cas   Show trusted CAs for TLS client auth.
  --show-ciphers       Show supported client ciphers.
  --ssl2               Only check SSLv2 ciphers.
  --ssl3               Only check SSLv3 ciphers.
  --tls10              Only check TLSv1.0 ciphers.
  --tls11              Only check TLSv1.1 ciphers.
  --tls12              Only check TLSv1.2 ciphers.
  --tlsall             Only check TLS ciphers (all versions).
  --pk=<file>          A file containing the private key or a PKCS#12 file
                       containing a private key/certificate pair
  --pkpass=<password>  The password for the private  key or PKCS#12 file
  --certs=<file>       A file containing PEM/ASN1 formatted client certificates
  --no-ciphersuites    Only check for supported SSL/TLS versions, not ciphers
  --no-renegotiation   Do not check for TLS renegotiation
  --no-compression     Do not check for TLS compression (CRIME)
  --no-heartbleed      Do not check for OpenSSL Heartbleed (CVE-2014-0160)
  --no-preferred       Do not determine preferred ciphers
  --starttls-ftp       STARTTLS setup for FTP
  --starttls-imap      STARTTLS setup for IMAP
  --starttls-pop3      STARTTLS setup for POP3
  --starttls-smtp      STARTTLS setup for SMTP
  --starttls-xmpp      STARTTLS setup for XMPP
  --http               Test a HTTP connection.
  --rdp                Send RDP preamble before starting scan.
  --bugs               Enable SSL implementation bug work-arounds
  --timeout=<sec>      Set socket timeout. Default is 3s.
  --sleep=<msec>       Pause between connection request. Default is disabled.
  --xml=<file>         Output results to an XML file.
  --version            Display the program version.
  --verbose            Display verbose output.
  --no-colour          Disable coloured output.
  --help               Display the  help text  you are  now reading

IP address

sslscan x.x.x.x



Home page of sslscan
sslscan sourceforge page
sslscan github page