SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.
- SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility
- Performance testing: session resumption and TLS tickets support
- Security testing: weak cipher suites, insecure renegation, CRIME and THC-SSL DOS attacks
- Server certificate validation
- Support for StartTLS with SMTP and XMPP, and traffic tunneling through an HTTPS proxy
- Client certificate support for servers performing mutual authentication
- Scan results can be written to an XML file for further processing
New in v0.6:
- Added support for Server Name Indication; see –sni
- Partial results are returned when the server requires client authentication but no client certificate was provided
- Preliminary IPv6 support
- Various bug fixes and better support of client authentication and HTTPS tunneling
You can download SSLyze v0.6 here:
Or read more here.