SSLyze包装说明

SSLyze是一个Python的工具，它可以通过连接到它分析服务器的SSL配置。它的设计是快速和全面的，应该帮助组织和测试人员找出配置错误影响了他们的SSL服务器。 主要功能包括：

• 多处理和多线程扫描（它的速度快）
• SSL 2.0 / 3.0和TLS 1.0 / 1.1 / 1.2的兼容性
• 性能测试：会话恢复和TLS票支持
• 安全性测试：弱密码套件，不安全的重新谈判，犯罪，Heartbleed多
• 服务器证书验证和撤销，通过OCSP装订检查
• 支持对SMTP，XMPP，LDAP，POP，IMAP，RDP和FTP启动TLS握手
• 扫描执行相互验证的服务器时，支持客户端证书
• XML输出​​，以进一步处理该扫描结果 资料来源：https://github.com/iSECPartners/sslyze

SSLyze首页 | 卡利SSLyze回购

• 作者：iSECPartners
• 许可：GPL第二版

  0x01 包含在sslyze包工具

  sslyze - 快速，全功能SSL扫描器

  :~# sslyze -h
  REGISTERING AVAILABLE PLUGINS
  -----------------------------
  PluginSessionResumption
  PluginOpenSSLCipherSuites
  PluginCompression
  PluginCertInfo
  PluginSessionRenegotiation
  Usage: sslyze [options] target1.com target2.com:443 etc...
  Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit
  --xml_out=XML_FILE    Writes the scan results as an XML document to the file
                        XML_FILE.
  --targets_in=TARGETS_IN
                        Reads the list of targets to scan from the file
                        TARGETS_IN. It should contain one host:port per line.
  --timeout=TIMEOUT     Sets the timeout value in seconds used for every
                        socket connection made to the target server(s).
                        Default is 5s.
  --https_tunnel=HTTPS_TUNNEL
                        Sets an HTTP CONNECT proxy to tunnel SSL traffic to
                        the target server(s). HTTP_TUNNEL should be
                        'host:port'. Requires Python 2.7
  --starttls=STARTTLS   Identifies the target server(s) as a SMTP or an XMPP
                        server(s) and scans the server(s) using STARTTLS.
                        STARTTLS should be 'smtp' or 'xmpp'.
  --xmpp_to=XMPP_TO     Optional setting for STARTTLS XMPP.  XMPP_TO should be
                        the hostname to be put in the 'to' attribute of the
                        XMPP stream. Default is the server's hostname.
  --regular             Regular HTTPS scan; shortcut for --sslv2 --sslv3
                        --tlsv1 --reneg --resum --certinfo --http_get
                        --hide_rejected_ciphers --compression --tlsv1_1
                        --tlsv1_2
  Client certificate support:
    --cert=CERT         Client certificate filename.
    --certform=CERTFORM
                        Client certificate format. DER or PEM (default).
    --key=KEY           Client private key filename.
    --keyform=KEYFORM   Client private key format. DER or PEM (default).
    --pass=KEYPASS      Client private key passphrase.
  PluginSessionResumption:
    Analyzes the target server's SSL session resumption capabilities.
    --resum             Tests the server for session ressumption support,
                        using session IDs and TLS session tickets (RFC 5077).
    --resum_rate        Performs 100 session resumptions with the target
                        server, in order to estimate the session resumption
                        rate.
  PluginOpenSSLCipherSuites:
    Scans the target server for supported OpenSSL cipher suites.
    --sslv2             Lists the SSL 2.0 OpenSSL cipher suites supported by
                        the server.
    --sslv3             Lists the SSL 3.0 OpenSSL cipher suites supported by
                        the server.
    --tlsv1             Lists the TLS 1.0 OpenSSL cipher suites supported by
                        the server.
    --tlsv1_1           Lists the TLS 1.1 OpenSSL cipher suites supported by
                        the server.
    --tlsv1_2           Lists the TLS 1.2 OpenSSL cipher suites supported by
                        the server.
    --http_get          Option - For each cipher suite, sends an HTTP GET
                        request after completing the SSL handshake and returns
                        the HTTP status code.
    --hide_rejected_ciphers
                        Option - Hides the (usually long) list of cipher
                        suites that were rejected by the server.
  PluginCompression:
    --compression       Tests the server for Zlib compression support.
  PluginCertInfo:
    --certinfo=CERTINFO
                        Verifies the target server's certificate validity
                        against Mozilla's trusted root store, and prints
                        relevant fields of the certificate. CERTINFO should be
                        'basic' or 'full'.
  PluginSessionRenegotiation:
    --reneg             Tests the target server's support for client-initiated
                        renegotiations and secure renegotiations.
  

  0x02 sslyze用法示例

  启动定期扫描类型 （-regular） 对目标主机 （www.example.com）：

:~# sslyze --regular www.example.com
 REGISTERING AVAILABLE PLUGINS
 -----------------------------
  PluginCompression
  PluginCertInfo
  PluginSessionResumption
  PluginSessionRenegotiation
  PluginOpenSSLCipherSuites
 CHECKING HOST(S) AVAILABILITY
 -----------------------------
   www.example.com:443                 => 93.184.216.119:443
 SCAN RESULTS FOR WWW.EXAMPLE.COM:443 - 93.184.216.119:443
 ---------------------------------------------------------
  * Compression :
        Compression Support:      Disabled
  * Certificate :
      Validation w/ Mozilla's CA Store:  Certificate is Trusted

原文来自https://www.hackfun.org/kali-tools/sslyze_zh.html。转载请注明原出处，商用请联系原作者授权。