Name Last modified Size Description
Parent Directory - CHANGELOG 22-Oct-2013 12:27 2.6K LICENSE 21-Jun-2010 14:19 18K openssl-1.01c-32+64b..> 12-Oct-2012 22:37 2.1M openssl-1.01c-32+64b..> 12-Oct-2012 22:39 65 snapshot.jpg 30-Jun-2010 10:04 98K snapshot_small.jpg 30-Jun-2010 10:06 14K testssl.sh 22-Oct-2013 12:25 13K
testssl.sh is a Unix command line tool which checks for the support of weak SSL ciphers and the old
SSL version 2 as well as some flaws as renotiation and CRIME.
It's designed to provide clear output for a good/bad decision as not everybody has cryptography skills like Bruce Schneier ;-) (hint: me neither). testssl.sh is working on every Linux distribution which has openssl installed. For several reasons however you should better compile this yourself or check out the binaries below (Linux). Since testssl.sh pretty much portable it should work on any other Unix system and on cygwin, supposed it can find openssl.
So called cipher classes are supported as well as single cipher tests, supposed they're available on the client side . The drawback for most distributions: One cannot check 56Bit ciphers as they are disabled during compile time, also lots of ciphers normally are for security reasons disabled. However if you want to check your server you'll need them. Thus the signed tarball provides specially compiled openssl binaries as a courtesy.
Contributions are welcome, contact see here or here. I post all updates on Twitter.