SSL/TLS Assessment Tools

Discussion in 'privacy technology' started by TheWindBringeth, May 11, 2016.

  1. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    Here is a list I compiled, in the form of an HTML document that displays a sortable table. The table is also visible in the source (scroll down).
    Code:
    <!doctype html>
    <html>
    <head>
    <meta charset="utf-8">
    <title>SSL/TLS Assessment Tools List - Updated 2016-05-15</title>
    <style type="text/css">
    body {font: 13px arial, helvetica, sans-serif;}
    table {border-collapse:collapse;}
    td, th {text-align:left; border:1px solid #636363; padding:3px;}
    th {background-color:#7C96C3; color:white;}
    tr:nth-child(odd) td {background-color:#f3f5fa;}
    td {vertical-align:top; white-space:nowrap;}
    div#verInfoStr {margin-top:10px;}
    
    /* Begin from https://github.com/tristen/tablesort */
    th.sort-header::-moz-selection { background:transparent; }
    th.sort-header::selection      { background:transparent; }
    th.sort-header {
      cursor:pointer;
    }
    th.sort-header::-moz-selection,
    th.sort-header::selection {
      background:transparent;
    }
    table th.sort-header:after {
      content:'';
      float:right;
      margin-top:7px;
      border-width:0 4px 4px;
      border-style:solid;
      border-color:#404040 transparent;
      visibility:hidden;
    }
    table th.sort-header:hover:after {
      visibility:visible;
    }
    table th.sort-up:after,
    table th.sort-down:after,
    table th.sort-down:hover:after {
      visibility:visible;
      opacity:0.4;
    }
    table th.sort-up:after {
      border-bottom:none;
      border-width:4px 4px 0;
    }
    /* End from https://github.com/tristen/tablesort */
    </style>
    <script type="text/javascript">
    
    const verInfoStr = document.title;
    var tableData = [
      ["Focus",           "Protocol",       "Format",       "URL",                                                                                  "Added"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://www.ssllabs.com/ssltest/viewMyClient.html",                                    "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://badssl.com",                                                                   "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://cryptoreport.websecurity.symantec.com/checker/views/sslCheck.jsp",             "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://www.howsmyssl.com",                                                            "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://tlsinfo.nails.eu.org",                                                         "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://www.tls-o-matic.com",                                                          "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://www.grc.com/revocation.htm",                                                   "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://projects.dm.id.lv/Public-Key-Pins_test",                                       "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://www.bennish.net/mixed-content.html",                                           "2016-05-14"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://weakdh.org",                                                                   "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://freakattack.com/clienttest.html",                                              "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://www.poodletest.com",                                                           "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://expired.tlsfun.de",                                                            "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://superfish.tlsfun.de",                                                          "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://edell.tlsfun.de",                                                              "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://filippo.io/Badfish",                                                           "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Online Tool",  "https://filippo.io/Heartbleed",                                                        "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Software",     "https://github.com/jmhodges/howsmyssl",                                                "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Software",     "https://github.com/google/badssl.com",                                                 "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Software",     "https://github.com/edvinanet/tls-o-matic",                                             "2016-05-11"],
      ["Client Testing",  "SSL/TLS",        "Software",     "https://openssl.org/docs/apps/s_server.html",                                          "2016-05-11"],
      ["Client Testing",  "Various",        "Software",     "https://github.com/google/nogotofail",                                                 "2016-05-11"],
      ["Client Testing",  "HTTPS",          "Software",     "https://www.cert.org/vulnerability-analysis/tools/cert-tapioca.cfm",                   "2016-05-11"],
      ["Client Testing",  "SMTP StartTLS",  "Online Tool",  "https://checktls.com",                                                                 "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://www.ssllabs.com/ssltest/index.html",                                           "2016-05-11"],
      ["Server Testing",  "Various",        "Online Tool",  "https://www.htbridge.com/ssl/",                                                        "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://cryptoreport.websecurity.symantec.com",                                        "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://sslanalyzer.comodoca.com",                                                     "2016-05-11"],
      ["Server Testing",  "Various",        "Online Tool",  "https://ssldecoder.org",                                                               "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://ssl-tools.net/webservers",                                                     "2016-05-11"],
      ["Server Testing",  "Various",        "Online Tool",  "https://ssl-tools.net/heartbleed-test",                                                "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://ssl-tools.net/poodle-test",                                                    "2016-05-11"],
      ["Server Testing",  "SSL/TLS",        "Online Tool",  "https://www.sslchecker.com",                                                           "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://securityheaders.io",                                                           "2016-05-14"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://report-uri.io/home/pkp_analyse",                                               "2016-05-14"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://www.grc.com/fingerprints.htm",                                                 "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://www.digicert.com/help",                                                        "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://www.sslshopper.com/ssl-checker.html",                                          "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://www.wormly.com/test_ssl",                                                      "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://www.tinfoilsecurity.com/poodle",                                               "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://mxtoolbox.com/HTTPSLookup.aspx",                                               "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://tools.keycdn.com/freak",                                                       "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://tools.keycdn.com/logjam",                                                      "2016-05-11"],
      ["Server Testing",  "Various",        "Online Tool",  "https://pentest-tools.com/network-vulnerability-scanning/openssl-heartbleed-scanner",  "2016-05-11"],
      ["Server Testing",  "SSL/TLS",        "Online Tool",  "https://pentest-tools.com/network-vulnerability-scanning/ssl-poodle-scanner",          "2016-05-11"],
      ["Server Testing",  "Various",        "Online Tool",  "https://pentest-tools.com/network-vulnerability-scanning/drown-ssl-scanner",           "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://shachecker.com",                                                               "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://www.sha2sslchecker.com",                                                       "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://shaaaaaaaaaaaaa.com",                                                          "2016-05-11"],
      ["Server Testing",  "SMTP StartTLS",  "Online Tool",  "https://checktls.com",                                                                 "2016-05-11"],
      ["Server Testing",  "SMTP StartTLS",  "Online Tool",  "https://ssl-tools.net/mailservers",                                                    "2016-05-11"],
      ["Server Testing",  "SMTP StartTLS",  "Online Tool",  "https://starttls.info",                                                                "2016-05-11"],
      ["Server Testing",  "SMTP StartTLS",  "Online Tool",  "https://luxsci.com/extranet/tlschecker.html",                                          "2016-05-11"],
      ["Server Testing",  "SMTP StartTLS",  "Online Tool",  "https://mxtoolbox.com/diagnostic.aspx",                                                "2016-05-11"],
      ["Server Testing",  "SMTP StartTLS",  "Online Tool",  "https://dane.sys4.de",                                                                 "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://check.sidnlabs.nl/dane/",                                                      "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://synonomic.com",                                                                "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Online Tool",  "https://www.had-pilot.com/dane/danelaw.html",                                          "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Addon",        "https://addons.mozilla.org/nl/firefox/addon/calomel-ssl-validation/",                  "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Addon",        "https://addons.mozilla.org/en-US/firefox/addon/cipherfox/",                            "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Addon",        "https://addons.mozilla.org/en-US/firefox/addon/ssleuth/",                              "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Addon",        "https://www.eff.org/Https-everywhere",                                                 "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Addon",        "https://addons.mozilla.org/en-US/firefox/addon/perspectives/",                         "2016-05-11"],
      ["Server Testing",  "SSL/TLS",        "Software",     "http://www.bolet.org/TestSSLServer/",                                                  "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Software",     "https://github.com/chorn/mitm-detector",                                               "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Software",     "https://www.digi77.com/ssl-eye-prism-protection/",                                     "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://labs.portcullis.co.uk/tools/ssl-cipher-suite-enum/",                           "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Software",     "https://github.com/ssllabs",                                                           "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://openssl.org/docs/apps/s_client.html",                                          "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://testssl.sh",                                                                   "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "http://prefetch.net/articles/checkcertificate.html",                                   "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://github.com/nabla-c0d3/sslyze",                                                 "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://github.com/jvehent/cipherscan",                                                "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://www.owasp.org/index.php/O-Saft",                                               "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://github.com/rbsec/sslscan",                                                     "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Software",     "https://github.com/bramus/mixed-content-scan",                                         "2016-05-15"],
      ["Server Testing",  "HTTPS",          "Software",     "https://www.ecommerce.co.uk/httpschecker.html",                                        "2016-05-15"],
      ["Server Testing",  "Various",        "Software",     "https://github.com/RaymiiOrg/ssl-decoder",                                             "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://github.com/eSentire/nmap-esentire",                                            "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://nmap.org/nsedoc/scripts/ssl-cert.html",                                        "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://nmap.org/nsedoc/scripts/ssl-dh-params.html",                                   "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html",                                "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://nmap.org/nsedoc/scripts/ssl-google-cert-catalog.html",                         "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://nmap.org/nsedoc/scripts/ssl-heartbleed.html",                                  "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://nmap.org/nsedoc/scripts/ssl-known-key.html",                                   "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://nmap.org/nsedoc/scripts/ssl-poodle.html",                                      "2016-05-11"],
      ["Server Testing",  "SSL/TLS",        "Software",     "https://github.com/nimia/public_drown_scanner",                                        "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://sourceforge.net/projects/ssldiagnos/",                                         "2016-05-11"],
      ["Server Testing",  "SSL/TLS",        "Software",     "http://blog.zoller.lu/2013/03/tool-ssl-audit-v08-release.html",                        "2016-05-11"],
      ["Server Testing",  "SSL/TLS",        "Software",     "http://www.taddong.com/en/lab.html#TLSSLED",                                           "2016-05-11"],
      ["Server Testing",  "HTTPS",          "Software",     "https://github.com/konklone/shaaaaaaaaaaaaa",                                          "2016-05-11"],
      ["Server Testing",  "Various",        "Software",     "https://github.com/shuque/danetls",                                                    "2016-05-11"],
      ["Cert Checking",   "N/A",            "Online Tool",  "https://ssldecoder.org",                                                               "2016-05-11"],
      ["Cert Checking",   "N/A",            "Online Tool",  "https://tools.keycdn.com/ssl",                                                         "2016-05-11"],
      ["Cert Checking",   "N/A",            "Online Tool",  "https://certificatechain.io",                                                          "2016-05-11"],
      ["Cert Checking",   "N/A",            "Software",     "https://github.com/zakjan/cert-chain-resolver",                                        "2016-05-11"],
      ["Cert Checking",   "N/A",            "Software",     "https://github.com/spatie/ssl-certificate-chain-resolver",                             "2016-05-11"],
      ["MITM-ing",        "HTTPS",          "Software",     "https://mitmproxy.org",                                                                "2016-05-11"],
      ["MITM-ing",        "Various",        "Software",     "https://www.roe.ch/SSLsplit",                                                          "2016-05-11"],
      ["MITM-ing",        "HTTPS",          "Software",     "https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project",                       "2016-05-11"],
      ["MITM-ing",        "HTTPS",          "Software",     "https://portswigger.net/burp/proxy.html",                                              "2016-05-11"],
      ["MITM-ing",        "HTTPS",          "Software",     "https://www.charlesproxy.com",                                                         "2016-05-11"],
      ["MITM-ing",        "HTTPS",          "Software",     "http://www.telerik.com/fiddler",                                                       "2016-05-11"],
      ["MITM-ing",        "Various",        "Software",     "https://www.bettercap.org",                                                            "2016-05-11"],
      ["MITM-ing",        "Various",        "Software",     "https://ettercap.github.io/ettercap/index.html",                                       "2016-05-11"],
      ["MITM-ing",        "Various",        "Software",     "https://github.com/moxie0/sslsniff",                                                   "2016-05-11"],
      ["MITM-ing",        "Various",        "Software",     "https://github.com/moxie0/sslstrip",                                                   "2016-05-11"],
      ["MITM-ing",        "Various",        "Software",     "https://github.com/tintinweb/striptls",                                                "2016-05-11"],
      ["MITM-ing",        "Various",        "Software",     "http://www.tcpcatcher.org",                                                            "2016-05-11"],
      ["MITM-ing",        "Various",        "Software",     "https://www.npmjs.com/package/mitm",                                                   "2016-05-11"],
      ["MITM-ing",        "HTTPS",          "Software",     "https://sourceforge.net/projects/paros/",                                              "2016-05-11"],
      ["MITM-ing",        "HTTPS",          "Software",     "https://crypto.stanford.edu/ssl-mitm/",                                                "2016-05-11"],
    ];
    
    /*!
     * tablesort v4.0.1 (2016-03-30)
     * http://tristen.ca/tablesort/demo/
     * Copyright (c) 2016 ; Licensed MIT
    */!function(){function a(b,c){if(!(this instanceof a))return new a(b,c);if(!b||"TABLE"!==b.tagName)throw new Error("Element must be a table");this.init(b,c||{})}var b=[],c=function(a){var b;return window.CustomEvent&&"function"==typeof window.CustomEvent?b=new CustomEvent(a):(b=document.createEvent("CustomEvent"),b.initCustomEvent(a,!1,!1,void 0)),b},d=function(a){return a.getAttribute("data-sort")||a.textContent||a.innerText||""},e=function(a,b){return a=a.toLowerCase(),b=b.toLowerCase(),a===b?0:b>a?1:-1},f=function(a,b){return function(c,d){var e=a(c.td,d.td);return 0===e?b?d.index-c.index:c.index-d.index:e}};a.extend=function(a,c,d){if("function"!=typeof c||"function"!=typeof d)throw new Error("Pattern and sort must be a function");b.push({name:a,pattern:c,sort:d})},a.prototype={init:function(a,b){var c,d,e,f,g=this;if(g.table=a,g.thead=!1,g.options=b,a.rows&&a.rows.length>0&&(a.tHead&&a.tHead.rows.length>0?(c=a.tHead.rows[a.tHead.rows.length-1],g.thead=!0):c=a.rows[0]),c){var h=function(){g.current&&g.current!==this&&(g.current.classList.remove("sort-up"),g.current.classList.remove("sort-down")),g.current=this,g.sortTable(this)};for(e=0;e<c.cells.length;e++)f=c.cells[e],f.classList.contains("no-sort")||(f.classList.add("sort-header"),f.tabindex=0,f.addEventListener("click",h,!1),f.classList.contains("sort-default")&&(d=f));d&&(g.current=d,g.sortTable(d))}},sortTable:function(a,g){var h,i=this,j=a.cellIndex,k=e,l="",m=[],n=i.thead?0:1,o=a.getAttribute("data-sort-method"),p=a.getAttribute("data-sort-order");if(i.table.dispatchEvent(c("beforeSort")),g?h=a.classList.contains("sort-up")?"sort-up":"sort-down":(h=a.classList.contains("sort-up")?"sort-down":a.classList.contains("sort-down")?"sort-up":"asc"===p?"sort-down":"desc"===p?"sort-up":i.options.descending?"sort-up":"sort-down",a.classList.remove("sort-down"===h?"sort-up":"sort-down"),a.classList.add(h)),!(i.table.rows.length<2)){if(!o){for(;m.length<3&&n<i.table.tBodies[0].rows.length;)l=d(i.table.tBodies[0].rows[n].cells[j]),l=l.trim(),l.length>0&&m.push(l),n++;if(!m)return}for(n=0;n<b.length;n++)if(l=b[n],o){if(l.name===o){k=l.sort;break}}else if(m.every(l.pattern)){k=l.sort;break}for(i.col=j,n=0;n<i.table.tBodies.length;n++){var q,r=[],s={},t=0,u=0;if(!(i.table.tBodies[n].rows.length<2)){for(q=0;q<i.table.tBodies[n].rows.length;q++)l=i.table.tBodies[n].rows[q],l.classList.contains("no-sort")?s[t]=l:r.push({tr:l,td:d(l.cells[i.col]),index:t}),t++;for("sort-down"===h?(r.sort(f(k,!0)),r.reverse()):r.sort(f(k,!1)),q=0;t>q;q++)s[q]?(l=s[q],u++):l=r[q-u].tr,i.table.tBodies[n].appendChild(l)}}i.table.dispatchEvent(c("afterSort"))}},refresh:function(){void 0!==this.current&&this.sortTable(this.current,!0)}},"undefined"!=typeof module&&module.exports?module.exports=a:window.Tablesort=a}();
    
    Tablesort.extend('integer', function(item) {
      return item.match(/^[0-9]+$/);
    }, function(a, b) {
      return b - a;
    });
    
    function createTable(parentId, tblId, tblData, addRowNum, linkifyUrls, makeSortable) {
      var tbl = document.createElement('table');
      tbl.id = tblId;
      var thead = document.createElement("thead");
      var row = document.createElement("tr");
      if(addRowNum) {
        var th = document.createElement('th');
        th.class = "sort-header";
        th.setAttribute("data-sort-method", "integer");
        th.appendChild(document.createTextNode("#"));
        row.appendChild(th);
      }
      var hdrRowLength = tblData[0].length;
      for(var c=0; c<tblData[0].length; c++) {
        var th = document.createElement('th');
        th.class = "sort-header";
        var cellData = tblData[0][c];
        th.appendChild(document.createTextNode(cellData));
        row.appendChild(th);
      }
      thead.appendChild(row);
      tbl.appendChild(thead);
      var tbody = document.createElement("tbody");
      for(var r=1; r<tblData.length; r++) {
        row = document.createElement("tr");
        if(addRowNum) {
          var td = document.createElement('td');
          td.appendChild(document.createTextNode(r));
          row.appendChild(td);
        }
        if(tblData[r].length != hdrRowLength) {
          var e = document.createTextNode("ERROR: Table row lengths are not uniform");
          document.getElementById(parentId).appendChild(e);
          return;
        }
        for(var c=0; c<tblData[r].length; c++) {
          var td = document.createElement('td');
          var cellData = tblData[r][c];
          var tn = document.createTextNode(cellData);
          if(linkifyUrls && /^https?:\/\//.test(cellData)) {
            var a = document.createElement("a");
            a.setAttribute("href", cellData);
            a.appendChild(tn);
            td.appendChild(a);
          }
          else td.appendChild(tn);
          row.appendChild(td);
        }
        tbody.appendChild(row);
      }
      tbl.appendChild(tbody);
      document.getElementById(parentId).appendChild(tbl);
      if(makeSortable) {
        new Tablesort(document.getElementById(tblId));
      }
    }
    
    window.addEventListener("load", function init(event){
      document.getElementById("verInfoStr").innerHTML = verInfoStr;
      createTable("tableDiv", "table", tableData, true, true, true);
    },false);
    
    </script>
    </head>
    <body>
    <noscript>This page requires javascript</noscript>
    <div id="tableDiv"></div>
    <div id="verInfoStr"></div>
    </body>
    </html>
    
    I cannot monitor the accuracy and/or safety of all of the things listed here. So please be careful when approaching them. If you think something noteworthy is missing, please post the link.
     
    Last edited: May 15, 2016
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Super list :thumbd:
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    BTW - I strongly advise anyone using a security product that has a SSL protocol scanning option to test same using one or more of the above tests. You might be in for a surprise in what does not work properly.
     
Loading...