Knowing Your SSL/TLS

One thing I have noticed during testing is that there are a number of vulnerabilities that occur as a result of TLS version and cipher suite used. So, I have added a few new tricks in my arsenal to hunt for SSL/TLS that are being used.We will discuss both of the following, one by one -

1. Using SSLSCAN
2. Using NMAP scripting engine

First, SSL scan; command: sslscanTesting it on a test site:   Advantages:

• Faster than others scans, sometimes it takes just a few seconds to get the results.

Disadvantages:

• May have false positives

---

Second: Nmap NSEThere are a few scripts in Nmap which can come in handy and one of them is ssl-enum-ciphers.nseCommand: nmap --script ssl-enum-ciphers.nse target IP/URL   Thanks :)