testssl.sh is a free command line tool which checks a server’s administration on any port for the help of TLS/SSL ciphers, protocols and some TLS/SSL vulnerabilities.
1. Easy to install.
2. You can check with all port not only with 443.
3. Warnings if there is an issue with tests performed.
4. Compatible with Linux/BSD distribution
5. Supports more TLS extensions via sockets
6. TLS 1.3 support
7. Check for CAA RR
8. Check for OCSP must staple
9. Check for Certificate Transparency
10.Expect-CT Header Detection
In this Kali Linux Tutorial we show how to work with testssl.sh and find all the cryptographic vulnerabilities. To download the tool.
To install testssl.sh
git clone –depth 1 https://github.com/drwetter/testssl.sh.git
To run the tool
root@kali:~/testssl.sh# ./testssl.sh
To check for Heartbleed
root@kali:~/testssl.sh# ./testssl.sh -H testdomain.com
Also Read Fast and Complete SSL Scanner to Find Mis-configurations affecting TLS/SSL
To check for POODLE
root@kali:~/testssl.sh# ./testssl.sh -O testdomain.com
To perform a complete check
root@kali:~/testssl.sh# ./testssl.sh testdomain.com
To perform check with smtp
root@kali:~/testssl.sh# ./testssl.sh -t smtp testdomain.com
To see prefered SSL/TLS protocols
root@kali:~/testssl.sh# ./testssl.sh -P testdomain.com
To test the vulnerabilities
root@kali:~/testssl.sh# ./testssl.sh -U –sneaky testdomain.com
Developed By: drwetter
Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged…
The Agenda ransomware group, also known as Qilin, has been reported to intensify its attacks…
SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6 million…
F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect servers…
The healthcare sector has emerged as a prime target for cyber attackers, driven by the…
Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution, enabling…