
plugin for sslscan

Open danie-dejager opened this issue 4 years ago • 2 comments

Can you please plugin sslscan?

source: https://github.com/rbsec/sslscan

Output: → ./sslscan www.example.com

Version: 2.0.10-4-g5224502-static
OpenSSL 1.1.1l-dev  xx XXX xxxx

Connected to 93.184.216.34

Testing SSL server www.example.com on port 443 using SNI name www.example.com

  SSL/TLS Protocols:
SSLv2     disabled
SSLv3     disabled
TLSv1.0   disabled
TLSv1.1   disabled
TLSv1.2   enabled
TLSv1.3   enabled

  TLS Fallback SCSV:
Server supports TLS Fallback SCSV

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
Compression disabled

  Heartbleed:
TLSv1.3 not vulnerable to heartbleed
TLSv1.2 not vulnerable to heartbleed

  Supported Server Cipher(s):
Preferred TLSv1.3  256 bits  TLS_AES_256_GCM_SHA384        Curve P-521 DHE 521
Accepted  TLSv1.3  256 bits  TLS_CHACHA20_POLY1305_SHA256  Curve P-521 DHE 521
Accepted  TLSv1.3  128 bits  TLS_AES_128_GCM_SHA256        Curve P-521 DHE 521
Preferred TLSv1.2  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-521 DHE 521
Accepted  TLSv1.2  256 bits  ECDHE-ECDSA-CHACHA20-POLY1305 Curve P-521 DHE 521
Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-521 DHE 521

  Server Key Exchange Group(s):
TLSv1.3  128 bits  secp256r1 (NIST P-256)
TLSv1.3  192 bits  secp384r1 (NIST P-384)
TLSv1.3  260 bits  secp521r1 (NIST P-521)
TLSv1.2  192 bits  secp384r1 (NIST P-384)

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
ECC Curve Name:      secp384r1
ECC Key Strength:    192

Subject:  example.com
Altnames: DNS:id.example.com, DNS:in.example.com, DNS:example.com, DNS:example.com.au, DNS:example.com.hk, DNS:example.de, DNS:example.net, DNS:example.nl, DNS:example.org
Issuer:   R3

Not valid before: May 28 09:13:44 2021 GMT
Not valid after:  Aug 26 09:13:44 2021 GMT

danie-dejager avatar Aug 06 '21 13:08 danie-dejager

@daniejstriata we had considered the tool but we don't see information about any vulnerability that we could map into our model. But feel free to follow this article to create your custom plugin: https://docs.faradaysec.com/Basic-plugin-development/

ezk06eer avatar Aug 25 '21 13:08 ezk06eer

Often informational items are not aligned to policy. What I foresee is that an informational item like TLS 1.1 being active will create a warning.

danie-dejager avatar Aug 25 '21 13:08 danie-dejager
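
The policy mapping raised in the last comment, as an added example that is not part of the original thread and does not use Faraday's plugin API: it parses the sslscan text output shown in the issue and turns enabled protocols or short cipher strengths into warnings. The policy values, function names and sample (the issue's output with TLSv1.1 flipped to enabled) are assumptions made for illustration.

```python
import re

# Constructed sample: protocol and cipher sections of the output in the issue,
# with TLSv1.1 flipped to "enabled" and ANSI colour codes added (sslscan
# colours its terminal output by default).
SAMPLE = (
    "  SSL/TLS Protocols:\n"
    "SSLv3     \x1b[32mdisabled\x1b[0m\n"
    "TLSv1.1   \x1b[33menabled\x1b[0m\n"
    "TLSv1.2   enabled\n"
    "TLSv1.3   enabled\n"
    "\n"
    "  Supported Server Cipher(s):\n"
    "Preferred TLSv1.3  256 bits  TLS_AES_256_GCM_SHA384        Curve P-521 DHE 521\n"
    "Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-521 DHE 521\n"
)

# Hypothetical policy, not taken from the thread
POLICY = {"forbidden": {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}, "min_bits": 128}

ANSI_RE = re.compile(r"\x1b\[[0-9;]*m")
PROTO_RE = re.compile(r"^(SSLv[23]|TLSv1\.[0-3])\s+(enabled|disabled)$")
CIPHER_RE = re.compile(r"^(?:Preferred|Accepted)\s+(\S+)\s+(\d+) bits\s+(\S+)")


def parse_sslscan(text):
    """Return ({protocol: enabled}, [(protocol, bits, cipher)]) from text output."""
    protocols, ciphers = {}, []
    for raw in ANSI_RE.sub("", text).splitlines():
        line = raw.strip()
        if m := PROTO_RE.match(line):
            protocols[m.group(1)] = m.group(2) == "enabled"
        elif m := CIPHER_RE.match(line):
            ciphers.append((m.group(1), int(m.group(2)), m.group(3)))
    return protocols, ciphers


def evaluate(text, policy=POLICY):
    """Map informational scan lines to policy warnings."""
    protocols, ciphers = parse_sslscan(text)
    findings = [f"{p} is enabled but forbidden by policy"
                for p, on in protocols.items() if on and p in policy["forbidden"]]
    findings += [f"{name} ({proto}) is {bits} bits, below the {policy['min_bits']}-bit minimum"
                 for proto, bits, name in ciphers if bits < policy["min_bits"]]
    return findings


if __name__ == "__main__":
    for finding in evaluate(SAMPLE):
        print("WARNING:", finding)
```
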