Short Description: SSL Audit scans servers for SSL/TLS support; it implements its own rudimentary SSL/TLS Parser and is as such not limited to ciphers supported by SSL engines such as OpenSSL or NSS and can detect all known and RFC defined cipher suites.
Long Description 1: SSL Audit scans servers for SSL/TLS support; it implements its own rudimentary SSL/TLS Parser and is as such not limited to ciphers supported by SSL engines such as OpenSSL or NSS and can detect all known and RFC defined cipher suites.
Long Description 2: SSL Audit scans servers for SSL/TLS support; it implements its own rudimentary SSL/TLS Parser and is as such not limited to ciphers supported by SSL engines such as OpenSSL or NSS and can detect all known and RFC defined cipher suites.
I have updated my little TLS/SSL Scanner called 'SSL Audit' to version 0.8. I tweaked it slightly but the tool is still based on it's own rudimentary SSL Engine and hence is not limited by the number of ciphersuites and protocols available to OpenSSL or NSS.
By the way I am still a little bit proud of the SSL Stack fingerprinting feature. I haven't updated it recently but it still seems to work out nicely. Try it out and let me know, especially if you have access to less known ssl stacks.
Changes
Added support for TLS 1.2 CAMELIA ciphersuites;
Speed up SSLv2 enumeration;
Added the complete range of ARIA ciphersuites (http://tools.ietf.org/html/draft-nsri-tls-aria-00)
|