Home 0P3N Blog Knowing Your SSL/TLS
Ready to Start Your Career?
Create Free Account
H5p s profile image
By: H5p
April 13, 2017

Knowing Your SSL/TLS

By: H5p
April 13, 2017
H5p s profile image
By: H5p
April 13, 2017
1-sslscanOne thing I have noticed during testing is that there are a number of vulnerabilities that occur as a result of TLS version and cipher suite used. So, I have added a few new tricks in my arsenal to hunt for SSL/TLS that are being used.We will discuss both of the following, one by one -
  1. Using SSLSCAN
  2. Using NMAP scripting engine
First, SSL scan; command: sslscan1-sslscanTesting it on a test site:   2-sslscan3-sslscan4-sslscanAdvantages:
  • Faster than others scans, sometimes it takes just a few seconds to get the results.
Disadvantages:
  • May have false positives

Second: Nmap NSEThere are a few scripts in Nmap which can come in handy and one of them is ssl-enum-ciphers.nseCommand: nmap --script ssl-enum-ciphers.nse target IP/URL1-nmap2-nmap3-nmap   Thanks :)
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry