Burp Suite plugin for scanning SSL vulnerabilities.
- Launch Burp Suite
- Click the Extender tab
- Add the extension to your list while selecting Python as the language
- SSLv2 and SSLv3 connectivity
- Heartbleed
- CCS Injection
- TLS_FALLBACK_SCSV support
- POODLE (SSLv3)
- Sweet32
- DROWN
- FREAK
- LUCKY13
- CRIME (TLS Compression)
- BEAST
- Check for weak ciphers
- BREACH
- Logjam
Most of the testing logic are from testssl.sh
Heartbleed test and CCS Injection test code are modified from a2sv