Join our ForumHERE
OR
Join our WhatsApp Group HERE

Join our Active Telegram Group chat for latest updates - Click to Join

Get Our Free Browsing Tweaks via Sms. Kindly sms Follow IMONSTECH to 40404. On Any Network And Sms is free.
internetshub

How to Test SSL Security Including Ciphers, Protocols & Detect Flaws ?

Share:


testssl.sh is a free command line tool to test SSL security, it checks a server’s service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more
testssl.sh is pretty much portable/compatible.

 It is working on every Linux, Mac OS X, FreeBSD distribution, on MSYS2/Cygwin (slow). It is supposed also to work on any other unixoid systems. A newer OpenSSL version (1.0) is recommended though. /bin/bash is a prerequisite – otherwise there would be no sockets.
Features to Test SSL Security in testssl.ssh

    Clear output: you can tell easily whether anything is good or bad.

    Ease of installation: It works for Linux, Darwin, FreeBSD and MSYS2/Cygwin out of the box: no need to install or configure something, no gems, CPAN, pip or the like.

    Flexibility: You can test any SSL/TLS enabled and STARTTLS service, not only webservers at port 443

    Toolbox: Several command line options help you to run YOUR test and configure YOUR output.
    Reliability: features are tested thoroughly.

    Verbosity: If a particular check cannot be performed because of a missing capability on your client side, you’ll get a warning.

    Privacy: It’s only you who sees the result, not a third party.

    Freedom: It’s 100% open source. You can look at the code, see what’s going on and you can change it. Heck, even the development is open (github)

Usage of testssl.sh SSL Security Testing Tool
testssl.sh is pretty much portable/compatible.

 It is working on every Linux, Mac OS X, FreeBSD distribution, on MSYS2/Cygwin (slow). It is supposed also to work on any other unixoid systems. A newer OpenSSL version (1.0) is recommended though. /bin/bash is a prerequisite – otherwise there would be no sockets.
Features to Test SSL Security in testssl.ssh

    Clear output: you can tell easily whether anything is good or bad.

    Ease of installation: It works for Linux, Darwin, FreeBSD and MSYS2/Cygwin out of the box: no need to install or configure something, no gems, CPAN, pip or the like.

    Flexibility: You can test any SSL/TLS enabled and STARTTLS service, not only webservers at port 443.

    Toolbox: Several command line options help you to run YOUR test and configure YOUR output.

    Reliability: features are tested thoroughly.

    Verbosity: If a particular check cannot be performed because of a missing capability on your client side, you’ll get a warning.

    Privacy: It’s only you who sees the result, not a third party.

    Freedom: It’s 100% open source. You can look at the code, see what’s going on and you can change it. Heck, even the development is open (github).

Usage of testssl.sh SSL Security Testing Tooltestssl.sh is pretty much portable/compatible.

It is working on every Linux, Mac OS X, FreeBSD distribution, on MSYS2/Cygwin (slow). It is supposed also to work on any other unixoid systems.

A newer OpenSSL version (1.0) is recommended though. /bin/bash is a prerequisite – otherwise there would be no sockets.
Features to Test SSL Security in testssl.ssh

    Clear output: you can tell easily whether anything is good or bad.

    Ease of installation: It works for Linux, Darwin, FreeBSD and MSYS2/Cygwin out of the box: no need to install or configure something, no gems, CPAN, pip or the like.

    Flexibility: You can test any SSL/TLS enabled and STARTTLS service, not only webservers at port 443

    Toolbox: Several command line options help you to run YOUR test and configure YOUR output

    Reliability: features are tested thoroughly

    Verbosity: If a particular check cannot be performed because of a missing capability on your client side, you’ll get a warning

    Privacy: It’s only you who sees the result, not a third party

    Freedom: It’s 100% open source. You can look at the code, see what’s going on and you can change it. Heck, even the development is open (github)

No comments