testssl.sh

Go to file

Dirk b3efb3c4b0 - BUGFIX: potential stalling in HTTP Header query

- BUGFIX: HTTP specific vuln. won't be checked if service is not http (we still
check crime and also spdy => gmail has spdy for pop and imap)
- Feature: service detection: HTTP, IMAP, POP, SMTP
- alignment in rDNS output corrected
- minor cleanup / improvements

2014-11-30 01:30:20 +01:00

openssl-bins

Update Readme.md

2014-11-24 16:43:11 +01:00

bash-heartbleed.changelog.txt

- first try to commit here

2014-07-01 16:28:16 +02:00

bash-heartbleed.sh

- increase first read buffer -- otherwise it's how up at hb reply and lead to false positives

2014-11-20 18:55:51 +01:00

ccs-injection.sh

better documentation

2014-11-03 21:45:48 +01:00

CHANGELOG.txt

2014-07-16 19:06:26 +02:00

checkcert.sh

- for clarification hint to license file

2014-10-07 11:15:05 +02:00

CREDITS.md

@oparoz

2014-11-19 13:26:48 +01:00

LICENSE

Initial commit

2014-07-01 13:55:26 +02:00

mapping-rfc.txt

- stripping of leading 0 in testssl.sh needed to be reflected by this file

2014-11-18 11:04:57 +01:00

openssl-rfc.mappping.html

TLS_FALLBACK_SCSV

2014-10-30 21:14:50 +01:00

Readme.md

Added compatilibility with MSYS2 on Windows

2014-11-18 13:30:56 +11:00

testssl.sh

- BUGFIX: potential stalling in HTTP Header query

2014-11-30 01:30:20 +01:00

Readme.md

Intro

testssl.sh is a free Unix command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for a "is this good or bad" decision.

It is working on every Linux distribution, MacOS X and Windows (using MSYS2) which has OpenSSL, /bin/bash and standard tools like GNU sed and awk installed.

On github (here) you will find development versions of the software -- with new features and maybe some bugs. For the stable version and a more thorough description of the software please see http://testssl.sh/ .

Contributions, feedback, also bug reports are welcome.