bararchy/ruby-SSLscanner

A simple and easy to use SSL Cipher scanner

ruby-SSLscanner

A simple and easy to use SSL Cipher scanner

Dependencies

Ruby 2.0.0 or Higher (ruby 1.9.0 should also work)

Colorize gem

Installation

gem install ScanSSL

Or

---

Clone the repo

1. git clone https://github.com/bararchy/ruby-SSLscanner.git

2. cd ruby-SSLscanner

3. gem install colorize

4. gem install prawn

5. ruby sslscanner.rb -s google.com -p 443 -c

Usage

Usage: sslscanner.rb: [-s <server hostname/ip>] [-p <port>] [-d <debug>] [-c <certificate information>] [-o <output file>] [-t <output file type>]

Added the '-h' option to allow importing a hosts file, the host file should have a server:port for each line.

./sslscanner.rb -s google.com -p 443 -c

Output:

TO-DO

• More check for vulnerable cipher combinations
• Checks for insecured TLS renogotiation
• Checks for:
  • Heartbleed
  • Crime
• Checks for weak certificate key algorithms
• Option to import hosts from file
  • multithreading when scanning multiple hosts
• Option to export data to file:
  • txt
  • pdf
  • html
  • csv
• Some kind of a nice "loading bar" while results are geathred
• Use OptionParser or Cli.k for command line options
• Multithreading on Protocols (speeds scan 4 times)

Licensed under MIT

Special thanks to:

• @ik5 (idokan@gmail.com).
• Dor Lerner (dorl3rn3r@gmail.com).
• @elichai
• @wolfedale "Pawel"