sslscanalyzer.sh

Shell script for converting an input file containing one or more sslscan results into HTML tables.

Updates:

• You can disable the automatic creation of links for HTTPS hosts by using --no-links.
• Report font has been set to 11pt Arial.

sslscanalyzer.sh

Shell script for converting an input file containing one or more sslscan results into HTML tables.

Updates:

• New report format options.
  • -r 0 - Default. "Minimal" report with only two columns - one to identify the host, and the other to list the ciphers accepted by that host.
  • -r 1 - Minimal report format, replacing the list of accepted ciphers for each host with "yes/no summary" information. For example, whether SSLv2 is accepted, SSLv3, TLSv1.0, etc.
  • -r 2 - New "inverted" report format. Uses two columns - one for each condition (such as accepting SSLv2, or TLSv1.2 with <128 bit ciphers), and one to list each affected host or service.
  • -r 3 - Four column "summary" report format. The first column lists the host, the second lists the sslscan server checks (session renegotiation, compression, heartbleed), the third lists accepted ciphers, the fourth lists certificate details (issuer, subject, expiration, key, etc.).
  • -r 4 - "Summary" report format, replacing the list of accepted ciphers with the "yes/no summary".
  • -r 5 - "Full" report format, with a different column for each piece of information (session renegotiation, heartbleed check, accepted ciphers, certificate issuer, certificate keyspace, etc.).
  • -r 6 - "Full" report format, replacing the list of accepted ciphers with the "yes/no summary".
• The "yes/no" summaries have expanded. TLSv1.1 is now checked for weak ciphers (<128 bits) and RC4/ADH/AECDH.

sslscanalyzer.sh

Shell script for converting an input file containing one or more sslscan results into HTML tables.

Updates:

• sslscan used to list all accepted ciphers as a group, marked as "Accepted", while preferred ciphers were listed separately. Now, both are displayed together, with accepted and preferred ciphers labelled with "Preferred". The script previously detected ciphers by looking for lines starting with "Accepted", so this has been updated to include ciphers marked as "Preferred".
• Yes/No summaries and colorized "bad" results now include all TLSv1.0 and TLSv1.1, instead of just TLSv1.0 with CBC.
• For standard report types (-r 0, 1, or 2), --no-server-checks has been added to suppress that column.

sslscanalyzer.sh

Shell script for converting an input file containing one or more sslscan results into HTML tables.

Updates:

• Added --do-sslscan option, which lets you run sslscan --show-certificate against each line of your input file, rather than using the input file as a file already containing sslscan results. Raw sslscan output is saved in /tmp/, and the script offers to delete these files if it finds more than 5.
• Revisions to the ticking output during results file parsing to give a little more feedback.
• Redirected stdout and stderr for the sensible-browser command, that opens the HTML file, to /dev/null.
• Added colorizing for expired certificates. Still need an example with compression enabled.

sslscanalyzer.sh

Shell script for converting an input file containing one or more sslscan results into HTML tables.

sslscanalyzer.sh

Shell script for converting an input file containing one or more sslscan results into HTML tables.

sslscanalyzer.sh

Shell script for converting an input file containing one or more sslscan results into HTML tables.

sslscanalyzer.sh

Shell script for converting an input file containing one or more sslscan results into HTML tables.

sslscanalyzer.sh

Shell script for converting an input file containing one or more sslscan results into HTML tables.