sslyze Fast and Full-Featured SSL Scanner

SSL or secure socket layer was the best way to encrypt the on going and out going request but now there are so many tools are available to exploit SSL, beside these tools there are so many tutorials and techniques that will help to exploit a SSL. SSL is a transport layer (OSI model) security that is known as TLS. Tools like THC-SSL-DOS and sslyze are the best among the hackers and crackers, the main point here is that TLS security is on OWASP top 10 list so we cannot neglect the importance of SSL.

How to Install Sslyze

Supported platforms are Windows 7 and Linux, both 32 and 64 bits. Other platforms (including Mac OS X) are not officially supported yet, but SSLyze might work if you're lucky.

Linux

Prerequisites: Python 2.6 or 2.7 and OpenSSL 0.9.8+.
Packageis here.

Windows

Prerequisites: Python 2.6 or 2.7. OpenSSL 1.0.0c is part of the installation package. There is one package for Python 32 bits, and one for Python 64 bits.
Packagesare here.

Sslyze Tutorial

The following command line should be used:

$ python sslyze.py [options] www.target1.com www.target2.com:443 etc...

Several command line options are available. See the other articles within the wiki for more details regarding each options.

Options

Regular Scan "--regular"

Performs a regular scan. It's a shortcut for --sslv2 --sslv3 --tlsv1 --reneg --resum --certinfo=basic.

OpenSSL Cipher Suites "--sslv2", "--sslv3", "--tlsv1"

Lists the SSL 2.0 / SSL 3.0 / TLS 1.0 OpenSSL cipher suites supported by the server.

Session Renegotiation "--reneg"

Checks whether the server is vulnerable to insecure renegotiation.

Session Resumption "--resum"

Tests the server for session resumption support, using both session IDs and TLS session tickets (RFC 5077).

Session Resumption Rate "--resum_rate"

Estimates the average rate of successful session resumptions by performing 100 session resumptions.

Server Certificate "--certinfo=basic"

Verifies the server's certificate validity against Mozilla's trusted root store, and prints relevant fields of the certificate.

Additional Options

Client Certificate Support

Configures SSlyze to use a client certificate in case the server performs mutual authentication. The following options are required:

• --cert=CERT Client certificate filename.
• --certform=CERTFORM Client certificate format. DER or PEM (default).
• --key=KEY Client private key filename.
• --keyform=KEYFORM Client private key format. DER or PEM (default).
• --pass=KEYPASS Client private key passphrase.
  

Connections Timeout "--timeout=TIMEOUT"

Sets the timeout value in seconds used for every socket connection made to the target server(s). It forces SSLyze to wait more (or less) time for the target server to respond. Default value is 5s.

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.