ruby-SSLscanner
A simple and easy to use SSL Cipher scanner
Dependencies
Ruby 2.0.0 or Higher (ruby 1.9.0 should also work)
Colorize gem
Installation
gem install ScanSSL
Or
Clone the repo
-
git clone https://github.com/bararchy/ruby-SSLscanner.git
-
cd ruby-SSLscanner
-
gem install colorize
-
gem install prawn
-
ruby sslscanner.rb -s google.com -p 443 -c
Usage
Usage: sslscanner.rb: [-s <server hostname/ip>] [-p <port>] [-d <debug>] [-c <certificate information>] [-o <output file>] [-t <output file type>]
Added the '-h' option to allow importing a hosts file, the host file should have a server:port for each line.
./sslscanner.rb -s google.com -p 443 -c
TO-DO
- More check for vulnerable cipher combinations
- Checks for insecured TLS renogotiation
- Checks for:
- Heartbleed
- Crime
- Checks for weak certificate key algorithms
- Option to import hosts from file
- multithreading when scanning multiple hosts
- Option to export data to file:
- txt
- html
- csv
- Some kind of a nice "loading bar" while results are geathred
- Use OptionParser or Cli.k for command line options
- Multithreading on Protocols (speeds scan 4 times)
Special thanks to:
- @ik5 (idokan@gmail.com).
- Dor Lerner (dorl3rn3r@gmail.com).
- @elichai
- @wolfedale "Pawel"