SSLyze
======
[![Build Status](https://travis-ci.org/nabla-c0d3/sslyze.svg?branch=master)](https://travis-ci.org/nabla-c0d3/sslyze)
[![PyPI version](https://badge.fury.io/py/SSLyze.svg)](https://badge.fury.io/py/SSLyze)
[![](https://images.microbadger.com/badges/image/nablac0d3/sslyze.svg)](https://microbadger.com/images/nablac0d3/sslyze) [![Join the chat at https://gitter.im/sslyze/community](https://badges.gitter.im/sslyze/community.svg)](https://gitter.im/sslyze/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
Fast and powerful SSL/TLS server scanning library for Python 3.6+.
Description
-----------
SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is
designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting
their SSL/TLS servers.
Key features include:
* Fully [documented Python API](https://nabla-c0d3.github.io/sslyze/documentation/), in order to run scans and process the results directly from Python.
* **New: Support for TLS 1.3 and early data (0-RTT) testing.**
* Scans are automatically dispatched among multiple processes, making them very fast.
* Performance testing: session resumption and TLS tickets support.
* Security testing: weak cipher suites, insecure renegotiation, ROBOT, Heartbleed and more.
* Server certificate validation and revocation checking through OCSP stapling.
* Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP, PostGres and FTP.
* Scan results can be written to an XML or JSON file for further processing.
* And much more!
Usage as a CLI
--------------
SSLyze can be installed directly via pip:
$ pip install --upgrade setuptools
$ pip install --upgrade sslyze
$ python -m sslyze --regular www.yahoo.com:443 www.google.com "[2607:f8b0:400a:807::2004]:443"
SSLyze has been tested on the following platforms: Debian 7 (32 and 64 bits), macOS High Sierra, and Windows 10
(Python 64 bits only).
Usage as a library
------------------
SSLyze exposes a Python API in order to run scans and process the results directly in Python; full documentation is
[available here][documentation].
Dev environment
---------------
If you want to setup a local environment where you can work on SSLyze, you will first need to install
[pipenv](https://docs.pipenv.org/). You can then initialize the environment using:
$ cd sslyze
$ pipenv install --dev
$ pipenv shell
You can then run the test suite:
$ invoke test
Windows executable
------------------
A Windows executable that does not require installing Python is available in the
[Releases page](https://github.com/nabla-c0d3/sslyze/releases) tab.
Docker
------
By default the image runs the `-h` flag:
```bash
docker run --rm -it nablac0d3/sslyze
Usage: sslyze [options] target1.com target2.com:443 target3.com:443{ip} etc...
Options:
--version show program's version number and exit
-h, --help show this help message and exit
```
This image was intended to be ran as an executable like so:
```bash
docker run --rm -it nablac0d3/sslyze --regular www.github.com:443
```
### Create utility from the image
Add the following line to your shell's rc file (e.g. ~/.bashrc):
```bash
alias 'sslyze'='docker run --rm -it nablac0d3/sslyze'
```
Now reload your shell defaults by running:
```bash
source ~/.bashrc
```
You can now execute the image like so:
```bash
$ sslyze
Usage: sslyze [options] target1.com target2.com:443 target3.com:443{ip} etc...
Options:
--version show program's version number and exit
-h, --help show this help message and exit
```
How does it work ?
------------------
SSLyze is all Python code but it uses an
[OpenSSL wrapper written in C called nassl](https://github.com/nabla-c0d3/nassl), which was specifically developed for
allowing SSLyze to access the low-level OpenSSL APIs needed to perform deep SSL testing.
Where do the trust stores come from?
------------------------------------
The trust stores (Mozilla, Microsoft, etc.) used by SSLyze for certificate validation are downloaded from the
[Trust Stores Observatory](https://github.com/nabla-c0d3/trust_stores_observatory).
The trust stores can be updated to the latest version, using either the CLI:
$ python -m sslyze --update_trust_stores
or the Python API:
```python
from sslyze.plugins.utils.trust_store.trust_store_repository import TrustStoresRepository
TrustStoresRepository.update_default()
```
License
-------
Copyright (c) 2018 Alban Diquet
SSLyze is made available under the terms of the GNU Affero General Public License (AGPL). See LICENSE.txt for details and exceptions.
[documentation]: https://nabla-c0d3.github.io/sslyze/documentation
没有合适的资源?快使用搜索试试~ 我知道了~
资源推荐
资源详情
资源评论
收起资源包目录
sslyze-2.1.4.tar.gz (92个子文件)
sslyze-2.1.4
MANIFEST.in 68B
PKG-INFO 7KB
sslyze
server_connectivity_info.py 6KB
synchronous_scanner.py 2KB
concurrent_scanner.py 9KB
plugins
openssl_ccs_injection_plugin.py 9KB
session_renegotiation_plugin.py 7KB
http_headers_plugin.py 23KB
robot_plugin.py 22KB
compression_plugin.py 4KB
session_resumption_plugin.py 19KB
certificate_info_plugin.py 51KB
fallback_scsv_plugin.py 4KB
early_data_plugin.py 5KB
plugin_base.py 5KB
openssl_cipher_suites_plugin.py 43KB
__init__.py 0B
heartbleed_plugin.py 8KB
certificate_info
cert_chain_analyzer.py 7KB
get_cert_chain.py 4KB
__init__.py 0B
cli_connector.py 25KB
scan_command.py 9KB
symantec.py 7KB
plugins_repository.py 3KB
utils
certificate_utils.py 4KB
__init__.py 0B
trust_store
pem_files
mozilla_nss.yaml 18KB
google_aosp.pem 213KB
apple.yaml 27KB
openjdk.pem 139KB
oracle_java.pem 139KB
oracle_java.yaml 14KB
mozilla_nss.pem 216KB
apple.pem 275KB
microsoft_windows.yaml 49KB
google_aosp.yaml 17KB
openjdk.yaml 14KB
microsoft_windows.pem 489KB
trust_store_repository.py 6KB
trust_store.py 2KB
__init__.py 0B
__main__.py 5KB
__init__.py 142B
ssl_settings.py 5KB
utils
connection_helpers.py 3KB
worker_process.py 2KB
ssl_connection_configurator.py 6KB
ssl_connection.py 6KB
__init__.py 0B
thread_pool.py 4KB
http_response_parser.py 1KB
tls_wrapped_protocol_helpers.py 9KB
http_request_generator.py 774B
tls12_workaround.py 1KB
server_connectivity_tester.py 16KB
cli
output_generator.py 2KB
console_output.py 5KB
command_line_parser.py 20KB
xml_output.py 5KB
json_output.py 6KB
__init__.py 469B
output_hub.py 3KB
tests
plugin_tests
test_openssl_ccs_injection_plugin.py 2KB
test_http_headers_plugin.py 6KB
test_heartbleed_plugin.py 3KB
test_session_resumption_plugin.py 4KB
test_robot_plugin.py 2KB
test_certificate_utils.py 1KB
test_trust_store_repository.py 481B
test_openssl_cipher_suites_plugin.py 17KB
__init__.py 0B
test_compression_plugin.py 2KB
test_early_data_plugin.py 3KB
test_fallback_scsv_plugin.py 4KB
test_certificate_info_plugin.py 28KB
test_session_renegotiation_plugin.py 3KB
openssl_server
__init__.py 8KB
cli_tests
test_console_output_generator.py 7KB
test_xml_output_generator.py 4KB
__init__.py 2KB
test_json_output_generator.py 3KB
setup.cfg 222B
sslyze.egg-info
PKG-INFO 7KB
requires.txt 102B
SOURCES.txt 4KB
entry_points.txt 49B
top_level.txt 13B
dependency_links.txt 1B
setup.py 3KB
README.md 5KB
LICENSE.txt 34KB
共 92 条
- 1
资源评论
挣扎的蓝藻
- 粉丝: 13w+
- 资源: 15万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功