Tests all (of the following) vulnerabilities (if applicable):
- tests for Heartbleed vulnerability
- tests for CCS injection vulnerability
- tests for Ticketbleed vulnerability in BigIP loadbalancers
- tests for Return of Bleichenbacher's Oracle Threat (ROBOT) vulnerability
- tests for STARTTLS injection issues
- tests for renegotiation vulnerabilities
- tests for CRIME vulnerability (TLS compression issue)
- tests for BREACH vulnerability (HTTP compression issue)
- tests for POODLE (SSL) vulnerability
- checks TLS_FALLBACK_SCSV mitigation
- tests 64 bit block ciphers (3DES, RC2 and IDEA): SWEET32 vulnerability
- tests for BEAST vulnerability
- tests for LUCKY13
- tests for winshock vulnerability
- tests for FREAK vulnerability
- tests for LOGJAM vulnerability
- tests for DROWN vulnerability
- which RC4 ciphers are being offered?
* ROBOT / Bleichenbacher check has been implemented. Read more about this old+new attack robot attack.
Powered by Testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.