sslscan

 

Introduction

HomePage: https://github.com/rbsec/sslscan

sslscan2        # supports TLSv1.3

 


Build sslscan

 

apt-get install build-essential git zlib1g-dev

mkdir sslscan

cd sslscan

wget https://github.com/rbsec/sslscan/archive/1.11.11-rbsec.tar.gz

tar -zxf 1.11.11-rbsec.tar.gz

cd sslscan-1.11.11-rbsec

make static

./sslscan --version

1.11.11-static
OpenSSL 1.0.2-chacha (1.0.2g-dev)

Remark

Note that many modern distros (including Debian) ship with a version of OpenSSL that disables support for SSLv2 ciphers.

If sslscan is compiled on one of these distros, it will not be able to detect SSLv2.
 


Usage

 

How sslscan works

It probes which ciphers the server supports by opening multiple HTTPS connections.
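The probing approach described above, together with the local-OpenSSL caveat from the Remark, as an added Python example (not sslscan's own code). The function names, the `sni_name` parameter and the `@SECLEVEL=0` cipher-string suffix are choices of this example, and it covers TLS 1.2 and below only.

```python
import socket
import ssl
import sys


def candidate_ciphers():
    """TLS <= 1.2 suites the *local* OpenSSL build can offer.

    Anything missing here (e.g. SSLv2 suites on modern distros) can never be
    detected, no matter what the server supports.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers("ALL:@SECLEVEL=0")  # include weak suites so they can be reported
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def probe_cipher(host, port, cipher, sni_name=None, timeout=3.0):
    """Offer exactly one cipher suite; True if the server completes the handshake."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE  # measuring cipher support, not trusting the peer
    # set_ciphers() does not restrict TLS 1.3 suites, so cap the version;
    # otherwise every probe would succeed over TLS 1.3.
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    try:
        ctx.set_ciphers(cipher + ":@SECLEVEL=0")
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=sni_name or host) as tls:
                return tls.cipher()[0] == cipher
    except (ssl.SSLError, OSError):
        return False  # unknown cipher, handshake refused, or host unreachable


def scan(host, port=443, ciphers=None, sni_name=None):
    """One connection per cipher; returns {cipher_name: accepted}."""
    names = candidate_ciphers() if ciphers is None else ciphers
    return {name: probe_cipher(host, port, name, sni_name) for name in names}


if __name__ == "__main__" and len(sys.argv) > 1:
    target = sys.argv[1]
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    for name, accepted in scan(target, target_port).items():
        if accepted:
            print("Accepted", name)
```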

Opts

  • --sni-name=<name>    Hostname for SNI
  • --show-certificate   Show full certificate information
  • --no-check-certificate  Don't warn about weak certificate algorithm or keys
  • --ssl3               Only check SSLv3 ciphers
  • --tlsall             Only check TLS ciphers (all versions)