Testssl.sh - Online TLS/SSL Vulnerability Testing tool

You can specify a port number (i.e. domain.com:8443) - 443 is default

Tests all (of the following) vulnerabilities (if applicable):

• tests for Heartbleed vulnerability
• tests for CCS injection vulnerability
• tests for Ticketbleed vulnerability in BigIP loadbalancers
• tests for Return of Bleichenbacher's Oracle Threat (ROBOT) vulnerability
• tests for STARTTLS injection issues
• tests for renegotiation vulnerabilities
• tests for CRIME vulnerability (TLS compression issue)
• tests for BREACH vulnerability (HTTP compression issue)
• tests for POODLE (SSL) vulnerability
• checks TLS_FALLBACK_SCSV mitigation
• tests 64 bit block ciphers (3DES, RC2 and IDEA): SWEET32 vulnerability
• tests for BEAST vulnerability
• tests for LUCKY13
• tests for winshock vulnerability
• tests for FREAK vulnerability
• tests for LOGJAM vulnerability
• tests for DROWN vulnerability
• which RC4 ciphers are being offered?

* ROBOT / Bleichenbacher check has been implemented. Read more about this old+new attack robot attack.

Powered by Testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.