rbsec
rbsec
Hi @agrandville, This is an interesting idea - I've seen a few sites that have multiple certificates like this, so it would be nice to have some detection for that....
@jtesta one potential issue with using a list of accepted algorithms is that if the server accepts the bogus one, then not further testing is carried out for them -...
That's a fair point. Actually, looking at the current code, you can already get multiple `` blocks - you get one by default, and a second one with more details...
To be honest, it's not a huge deal if we change the XML a bit for 2.0 (especially given it's a bit dodgy at the moment). I'll look at adding...
Hi, You can either make a pull request on GitHub from your forked repository, or if you prefer you can send me a diff/patch file (here or directly).
The sslscan target was originally marked at as pnony in the PR that introduced static building. The problem with marking it as non-phony is that it means that if (for...
Hi @rdurk, Those ciphers are detected by OpenSSL (and are actually shown in your output) - the confusion is that the names that OpenSSL uses for some ciphers don't match...
The reason that the cipher naming is somewhat inconsistent is that sslscan relies on the `SSL_get_cipher_name()` OpenSSL function, which returns the OpenSSL names rather than the IANA ones up to...
> In some cases the sslscan results doesn't show the openssl cipher id, so we have to match the whole name. When is it shown vs not shown? I use...
Which bit of the XML output are you looking at? When you pass `--show-certificates`, there should be two sections. The `full` section should include the entire Issuer, the `short` section...