Framework and command-line tool to scan SSL enabled services

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for PhiBo from gravatar.com PhiBo

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU Lesser General Public License v3 or later (LGPLv3+) (LGPLv3+)
  • Author: PhiBo (DinoTools)
Classifiers

Project description

pySSLScan is a framework to scan SSL enabled services, in order to determine the supported ciphers, preferred ciphers, certificate information and more. It is designed to be flexible, lean and fast.

It can be used as a library in other software projects and provides a command-line tool to get started.

You can find more information in the documentation.

Features

  • Query SSL services

  • Supported cryptographic protocols:

    • SSLv2, SSLv3, TLS 1.0, TLS 1.1 and TLS 1.2

    • DTLS 1.0 and DTLS 1.2

  • Supported Protocols:

    • TCP, HTTP, IMAP, POP3, SMTP, LDAP and RDP

    • UDP

  • IPv4 and IPv6

  • Scan modules:

    • Supported ciphers

    • Ciphers preferred

    • Supported compression methods

    • Supported elliptic curves

    • Test support for Signaling Cipher Suite Value (SCSV)

    • Extract EC Point Formats

    • Server certificate (requires pyOpenSSL)

    • Test renegotiation (requires pyOpenSSL)

    • Detect vulnerabilities

      • Heartbleed

    • Extract server information: HTTP, IMAP, POP3 and SMTP

  • Rule based result highlighting

  • Output formats:

    • text/terminal

Install

Requirements:

  • Python 2.7 or Python >= 3.2

  • Python packages:

    • flextls >= 0.3

    • six >= 1.4.1

  • Python packages(optional):

    • cryptography >= 0.5

    • pyOpenSSL >= 0.14

Install:

At the time of writing pySSLScan requires the development version of the cryptography packages. Use the source directly from the git repository. https://github.com/pyca/cryptography

$ pip install sslscan

Usage

To scan a HTTPS service:

$ pysslscan scan --scan=protocol.http --scan=vuln.heartbleed --scan=server.renegotiation \
  --scan=server.preferred_ciphers --scan=server.ciphers \
  --report=term:rating=ssllabs.2009e --ssl2 --ssl3 --tls10 --tls11 --tls12 http://example.org

To display more information:

$ pysslscan --help

License

Published under the LGPLv3+ (see LICENSE for more information)

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for PhiBo from gravatar.com PhiBo

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU Lesser General Public License v3 or later (LGPLv3+) (LGPLv3+)
  • Author: PhiBo (DinoTools)
Classifiers

Release history Release notifications | RSS feed

0.5.1

This version

0.5

0.4

0.2

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sslscan-0.5.tar.gz (26.0 kB view details)

Uploaded Source

File details

Details for the file sslscan-0.5.tar.gz.

File metadata

  • Download URL: sslscan-0.5.tar.gz
  • Upload date:
  • Size: 26.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for sslscan-0.5.tar.gz
Algorithm Hash digest
SHA256 6953ead9071db7068d2893f2feac192174e69125168e7220334cd86d98ed9ef2
MD5 95fd765e0115b588b9f332e5720684cc
BLAKE2b-256 1ae439b10eaf5fc365df90d0d2564b377d0cb092bed9d3c465fc89b87249b01e

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page