SSLScan is a command-line tool for testing SSL/TLS services. It connects to a host and reports which protocol versions and cipher suites the server accepts, so that weak cipher suites, legacy SSL/TLS versions, and known weaknesses in the configuration can be identified. Below is a cheatsheet of the most commonly used SSLScan options and commands.
Basic usage:
  sslscan <hostname>:<port>
Options:
  --no-colour                    Disable colour output
  --no-failed                    Do not print failed cipher suites
  --no-ciphersuites              Do not print cipher suites
  --show-certificate             Show certificate details
  --show-fingerprint             Show certificate fingerprints
  --starttls=<protocol>          Use STARTTLS with the specified protocol
  --ssl3                         Only test SSLv3
  --tls1                         Only test TLSv1.0
  --tls1_1                       Only test TLSv1.1
  --tls1_2                       Only test TLSv1.2
  --tls1_3                       Only test TLSv1.3
  --protocols=<protocol list>    Test only the specified protocols
  --cipher=<cipher suite>        Test only the specified cipher suite
  --xml=<file>                   Save output in XML format
  --timeout=<milliseconds>       Set the connection timeout
Examples:
  sslscan example.com:443
  sslscan example.com:443 --show-certificate
  sslscan example.com:443 --protocols=sslv3,tls1,tls1_1,tls1_2,tls1_3
  sslscan example.com:443 --starttls=smtp
  sslscan example.com:443 --cipher=TLS_RSA_WITH_AES_128_CBC_SHA
  sslscan example.com:443 --xml=output.xml
Output:
The output of SSLScan describes the SSL/TLS connection and the cipher suites the server supports. It is displayed in the following format:

  Accepted TLS connection versions: <list of supported TLS versions>
  Accepted cipher suites:
    <cipher suite 1>
    <cipher suite 2>
    ...
If the --show-certificate option is specified, additional certificate information is displayed.
If the --show-fingerprint option is specified, the SHA1, SHA256, and MD5 fingerprints of the server's SSL certificate are displayed.
If the --xml option is specified, the output is saved in XML format for further analysis.
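The cheatsheet ends with saving a scan as XML "for further analysis". The script below is an added example of that analysis step; it is not part of SSLScan or of this cheatsheet. It reads an SSLScan XML report and lists the two things a reviewer acts on first: legacy protocol versions the server still enables and accepted cipher suites that are weak (short keys or broken primitives such as RC4, DES/3DES, export suites, MD5 or anonymous key exchange). The element and attribute names it looks for (`<protocol type version enabled>` and `<cipher status sslversion bits cipher strength>`) are an assumption about the XML layout SSLScan writes, and the embedded report is a constructed sample, not output from a real scan.

```python
"""Summarise weak protocols and ciphers from an sslscan --xml report.

Added example. SAMPLE_REPORT is constructed sample data that follows the
element/attribute names sslscan's XML output is assumed to use; it is not
the result of a real scan.
"""
import xml.etree.ElementTree as ET

SAMPLE_REPORT = """<document title="SSLScan Results" version="2.0.15">
 <ssltest host="example.com" sniname="example.com" port="443">
  <protocol type="ssl" version="2" enabled="0" />
  <protocol type="ssl" version="3" enabled="1" />
  <protocol type="tls" version="1.0" enabled="1" />
  <protocol type="tls" version="1.1" enabled="0" />
  <protocol type="tls" version="1.2" enabled="1" />
  <protocol type="tls" version="1.3" enabled="1" />
  <cipher status="preferred" sslversion="TLSv1.3" bits="256" cipher="TLS_AES_256_GCM_SHA384" strength="strong" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="ECDHE-RSA-AES256-GCM-SHA384" strength="strong" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="AES128-SHA" strength="acceptable" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="128" cipher="RC4-SHA" strength="medium" />
  <cipher status="accepted" sslversion="SSLv3" bits="112" cipher="DES-CBC3-SHA" strength="medium" />
  <cipher status="accepted" sslversion="SSLv3" bits="40" cipher="EXP-RC2-CBC-MD5" strength="weak" />
 </ssltest>
</document>
"""

# (type, version) pairs that a modern server should have disabled.
LEGACY_PROTOCOLS = {("ssl", "2"), ("ssl", "3"), ("tls", "1.0"), ("tls", "1.1")}

# Substrings (OpenSSL-style names) that mark a broken or deprecated construction.
# Checked in this order; the first match is reported. Extend to taste.
WEAK_CIPHER_MARKERS = ("NULL", "EXP", "RC4", "RC2", "DES", "MD5", "ANON", "ADH", "AECDH")


def legacy_protocols(root):
    """Return names such as 'SSLv3' for legacy protocol versions still enabled."""
    found = []
    for proto in root.iter("protocol"):
        key = (proto.get("type"), proto.get("version"))
        if key in LEGACY_PROTOCOLS and proto.get("enabled") == "1":
            found.append(f"{key[0].upper()}v{key[1]}")
    return found


def weak_ciphers(root, min_bits=128):
    """Return (cipher, protocol, reason) tuples for accepted suites to flag."""
    findings = []
    for c in root.iter("cipher"):
        name = c.get("cipher", "")
        bits = int(c.get("bits", "0"))
        reasons = []
        if bits < min_bits:
            reasons.append(f"{bits}-bit key")
        marker = next((m for m in WEAK_CIPHER_MARKERS if m in name.upper()), None)
        if marker:
            reasons.append(f"uses {marker}")
        if reasons:
            findings.append((name, c.get("sslversion", ""), "; ".join(reasons)))
    return findings


def summarise(xml_text):
    """Parse one report and return the host, port and both finding lists."""
    root = ET.fromstring(xml_text)
    test = root.find("ssltest")
    return {
        "host": test.get("host") if test is not None else None,
        "port": test.get("port") if test is not None else None,
        "legacy_protocols": legacy_protocols(root),
        "weak_ciphers": weak_ciphers(root),
    }


if __name__ == "__main__":
    # Replace SAMPLE_REPORT with open("output.xml").read() for a real report.
    result = summarise(SAMPLE_REPORT)
    print(f"Target: {result['host']}:{result['port']}")
    print("Legacy protocols enabled:", ", ".join(result["legacy_protocols"]) or "none")
    print("Weak cipher suites accepted:")
    for cipher, proto, reason in result["weak_ciphers"]:
        print(f"  {cipher} ({proto}): {reason}")
```

Run it against the XML written by `sslscan example.com:443 --xml=output.xml` by swapping SAMPLE_REPORT for the file's contents, as the comment in `__main__` shows. The marker list deliberately matches 3DES (`DES-CBC3-SHA`) as well as single DES, since both are flagged in current guidance; if a site still needs 3DES for a legacy client, remove `"DES"` from the markers and rely on the key-size check instead.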