Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Framework and command-line tool to scan SSL enabled services

Project Description

pySSLScan is a framework to scan SSL enabled services, in order to determine the supported ciphers, preferred ciphers, certificate information and more. It is designed to be flexible, lean and fast.

It can be used as a library in other software projects and provides a command-line tool to get started.

You can find more information in the documentation.

Features

  • Query SSL services
  • Supported cryptographic protocols:
    • SSLv2, SSLv3, TLS 1.0, TLS 1.1 and TLS 1.2
    • DTLS 1.0 and DTLS 1.2
  • Supported Protocols:
    • TCP, HTTP, IMAP, POP3, SMTP, LDAP and RDP
    • UDP
  • IPv4 and IPv6
  • Scan modules:
    • Supported ciphers
    • Ciphers preferred
    • Supported compression methods
    • Supported elliptic curves
    • Test support for Signaling Cipher Suite Value (SCSV)
    • Extract EC Point Formats
    • Server certificate (requires pyOpenSSL)
    • Test renegotiation (requires pyOpenSSL)
    • Detect vulnerabilities
      • Heartbleed
    • Extract server information: HTTP, IMAP, POP3 and SMTP
  • Rule based result highlighting
  • Output formats:
    • text/terminal

Install

Requirements:

  • Python 2.7 or Python >= 3.2
  • Python packages:
    • flextls >= 0.3
    • six >= 1.4.1
  • Python packages(optional):
    • cryptography >= 0.5
    • pyOpenSSL >= 0.14

Install:

At the time of writing pySSLScan requires the development version of the cryptography packages. Use the source directly from the git repository. https://github.com/pyca/cryptography

$ pip install sslscan

Usage

To scan a HTTPS service:

$ pysslscan scan --scan=protocol.http --scan=vuln.heartbleed --scan=server.renegotiation \
  --scan=server.preferred_ciphers --scan=server.ciphers \
  --report=term:rating=ssllabs.2009e --ssl2 --ssl3 --tls10 --tls11 --tls12 http://example.org

To display more information:

$ pysslscan --help

License

Published under the LGPLv3+ (see LICENSE for more information)

Release History

Release History

This version
History Node

0.5.1

History Node

0.5

History Node

0.4

History Node

0.2

History Node

0.1

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
sslscan-0.5.1.tar.gz (26.0 kB) Copy SHA256 Checksum SHA256 Source Jul 13, 2015

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting