TLS-Scanner
The TLS-Scanner Module from TLS-Attacker
From the RFC: 2.5.1.2. Missing SRP Extension The client may offer SRP cipher suites in the hello message but omit the SRP extension. If the server would like to select...
When I try to scan my own webpage - see https://tls-scanner.cs.uni-paderborn.de/report/hboeck.de I get a warning that it would not support the Encrypt-then-MAC extension: ``` Encrypt-then-MAC extension support: FALSE (Score: -50)...
When testing the ALPACA probe I see that the SNI name is set to "notarealtls-attackerhost.com" in the isSupportingStrictSni method, however on my server trace the SNI value is still set...
Add the TLS-Scanner version to the output of the scanner (and the JSON). This is useful when continuing to process the data with other tools.
On a certain target the TLS Scanner crashes because of a RuntimeException. Here is the stacktrace: ``` INFO : ThreadedScanJobExecutor - Padding oracle probe executed ERROR: ThreadedScanJobExecutor - Some probe...
I have one target where the PaddingOracleAttacker is printing the same warnings over and over again (currently almost 4000 times) for over 400 minutes. ``` INFO : Main - Performing Scan,...
Which JSON object indicates whether the certificate was signed by a trusted CA? I would guess that the "trusted" object does. However, this object is "null" every time ``` { "version":...
SUPPORTS_OCSP_STAPLING is no longer included in the JSON output. The guideline report says that SUPPORTS_OSCP wasn't tested yet. ``` "checkName": "Certificates shall be issued by CA that publishes revocation information...
Null Pointer Exception after the invalid curve probe ``` ┌──(kali㉿kali)-[~/Documents/Tools/TLS-Scanner] └─$ sudo docker run -t tlsscanner -connect www.m10x.de:443 -outputFile result.json [sudo] password for kali: INFO : Main - Performing Scan,...