sslyze 找出網站有關SSL訊息

作者: -


找出網站有關SSL相關訊息

安裝:  

sudo apt-get update --fix-missing   

sudo apt-get install sslyze

例如:

sudo sslyze --version  <URL>

sudo sslyze --regular  <URL>



=============================================

sudo sslyze -h             

Usage: sslyze [options] target1.com target2.com:443 target3.com:443{ip} etc...


Options:

  --version             show program's version number and exit

  -h, --help            show this help message and exit

  --regular             Regular HTTPS scan; shortcut for --sslv2--sslv3--tlsv1

                        --tlsv1_1--tlsv1_2--tlsv1_3--reneg--resum--certinfo--

                        hide_rejected_ciphers--compression--heartbleed--

                        openssl_ccs--fallback--robot--elliptic_curves


  Trust stores options:

    --update_trust_stores

                        Update the default trust stores used by SSLyze. The

                        latest stores will be downloaded from https://github.c

                        om/nabla-c0d3/trust_stores_observatory. This option is

                        meant to be used separately, and will silence any

                        other command line option supplied to SSLyze.


  Client certificate options:

    --cert=CERT         Client certificate chain filename. The certificates

                        must be in PEM format and must be sorted starting with

                        the subject's client certificate, followed by

                        intermediate CA certificates if applicable.

    --key=KEY           Client private key filename.

    --keyform=KEYFORM   Client private key format. DER or PEM (default).

    --pass=KEYPASS      Client private key passphrase.


  Input and output options:

    --json_out=JSON_FILE

                        Write the scan results as a JSON document to the file

                        JSON_FILE. If JSON_FILE is set to "-", the JSON output

                        will instead be printed to stdout. The resulting JSON

                        file is a serialized version of the ScanResult objects

                        described in SSLyze's Python API: the nodes and

                        attributes will be the same. See https://nabla-c0d3.gi

                        thub.io/sslyze/documentation/available-scan-

                        commands.html for more details.

    --targets_in=TARGETS_IN

                        Read the list of targets to scan from the file

                        TARGETS_IN. It should contain one host:port per line.

    --quiet             Do not output anything to stdout; useful when using

                        --json_out.


  Connectivity options:

    --slow_connection   Greatly reduce the number of concurrent connections

                        initiated by SSLyze. This will make the scans slower

                        but more reliable if the connection between your host

                        and the server is slow, or if the server cannot handle

                        many concurrent connections. Enable this option if you

                        are getting a lot of timeouts or errors.

    --https_tunnel=HTTPS_TUNNEL

                        Tunnel all traffic to the target server(s) through an

                        HTTP CONNECT proxy. HTTP_TUNNEL should be the proxy's

                        URL: 'http://USER:PW@HOST:PORT/'. For proxies

                        requiring authentication, only Basic Authentication is

                        supported.

    --starttls=STARTTLS

                        Perform a StartTLS handshake when connecting to the

                        target server(s). StartTLS should be one of: auto,

                        smtp, xmpp, xmpp_server, pop3, imap, ftp, ldap, rdp,

                        postgres. The 'auto' option will cause SSLyze to

                        deduce the protocol (ftp, imap, etc.) from the

                        supplied port number, for each target servers.

    --xmpp_to=XMPP_TO   Optional setting for STARTTLS XMPP. XMPP_TO should be

                        the hostname to be put in the 'to' attribute of the

                        XMPP stream. Default is the server's hostname.

    --sni=SNI           Use Server Name Indication to specify the hostname to

                        connect to.  Will only affect TLS 1.0+ connections.


  Scan commands:

    --tlsv1_3           Test a server for TLS 1.3 support.

    --heartbleed        Test a server for the OpenSSL Heartbleed

                        vulnerability.

    --sslv2             Test a server for SSL 2.0 support.

    --tlsv1_1           Test a server for TLS 1.1 support.

    --reneg             Test a server for for insecure TLS renegotiation and

                        client-initiated renegotiation.

    --elliptic_curves   Test a server for supported elliptic curves.

    --http_headers      Test a server for the presence of security-related

                        HTTP headers.

    --resum_rate        Measure a server's session resumption rate when

                        attempting 100 resumptions using session IDs.

    --openssl_ccs       Test a server for the OpenSSL CCS Injection

                        vulnerability (CVE-2014-0224).

    --robot             Test a server for the ROBOT vulnerability.

    --fallback          Test a server for the TLS_FALLBACK_SCSV mechanism to

                        prevent downgrade attacks.

    --resum             Test a server for session resumption support using

                        session IDs and TLS tickets.

    --early_data        Test a server for TLS 1.3 early data support.

    --compression       Test a server for TLS compression support, which can

                        be leveraged to perform a CRIME attack.

    --tlsv1_2           Test a server for TLS 1.2 support.

    --sslv3             Test a server for SSL 3.0 support.

    --tlsv1             Test a server for TLS 1.0 support.

    --certinfo          Retrieve and analyze a server's certificate(s) to

                        verify its validity.

    --certinfo_ca_file=CERTINFO_CA_FILE

                        Path to a file containing root certificates in PEM

                        format that will be used to verify the validity of the

                        server's certificate.


留言

張貼留言

這個網誌中的熱門文章

用趨勢偵測 log4j

作者: -
圖片
 ***************************************************** 電腦設備有安裝log4j套件(可能 Apache性質居多) 可能就被當成入侵跳板 以公司對外主機 為主 ***************************************************** 趨勢 提供 免費偵測 (有限天數, 不限台數) 以自己 公司或私人 都可 註冊登入 使用 ***************************************************** 使用 chrome開啟網頁 https://www.trendmicro.com/zh_tw/apache-log4j-vulnerability.html 按 免費 掃描工具   輸入 右邊基本資料 (email 要正確) (會寄發 認證 號碼)  註冊登入成功 後, 出現  按 Get start 可選擇 下載 軟體~ 在其自己 主機(window 或 Linux 或 MacOS) 執行 執行畫面(window版)(免安裝) 偵測後 畫面 下方出現結果 可以趁機電腦 逐台執行偵測 , 都會產生報表 於 這畫面 最後建議:  1. 若 主機加裝特定 防毒防火牆軟體 可以 阻止 2. 防火牆 設定禁止這樣 字串 可阻止 3. 更新這套件的修補程式 ========================================================== 登入這網址 就可以看檢測 https://login.xdr.trendmicro.com/idp/clp/xdr?RelayState=/http%3A%2F%2Fsuccess%2F%3Frs%3D%2F%23%2Fapp%2Fasm ==========================================================
閱讀完整內容

urlcrazy 真的很crazy

作者: -
圖片
 透過輸入網址,去推敲組合道網域前面,測試是否存在該網址位置,這可以當假訊息釣魚網站或一些名稱特性的猜測 安裝 sudo apt-get install urlcrazy 執行: sudo urlcrazy  <網域> URLCrazy version 0.7.1 by Andrew Horton (urbanadventurer)                                        Visit http://www.morningstarsecurity.com/research/urlcrazy Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. Supports the following domain variations: Character omission, character repeat, adjacent character swap, adjacent character replacement, double  character replacement, adjacent character insertion, missing dot, strip dashes, insert dash, singular or pluralise, common misspellings, vowel swaps, homophones, bit flipping (cosmic rays), homoglyphs, wrong top level domain, and wrong second level domain. Usage: ./urlcrazy [options] domain Options -k, --keyboard=LAYOUT  Options are: qwerty, azerty, qwertz, dvorak (default: qwerty) -p, --popularity       Check domain popularity with Google -r, -
閱讀完整內容