11 Commits

Author	SHA1	Message	Date
Hubert Kario	2b959f601d	use CApath for certificates and store certificates ... CApath is about 20% faster than CAfile so use it, also save the recived certificates from the servers for later analysis (proper hostname checking, looking for certificates sharing private key, etc.)	2014-10-04 14:27:13 +02:00
Hubert Kario	2f56f0515e	don't scan the same host twice	2014-05-16 18:16:45 +02:00
Hubert Kario	1a78172936	scan just one host per hostname	2014-05-16 16:11:01 +02:00
Hubert Kario	cdbf596466	properly handle pure IP adressess ... (it's illegal to use IP in SNI)	2014-05-16 15:42:47 +02:00
Hubert Kario	5ef53dda9c	increase paralelism of jobs ... because sometimes tcping takes a long time to timeout for a lot of hosts in batch use also load average to keep the cpu busy	2014-05-13 13:41:16 +02:00
Hubert Kario	a213fc45d0	remove the folder/file part from url ... some hostnames in the top-1m.csv file have folder or site specified in them, cut it off before using	2014-05-13 13:41:16 +02:00
Hubert Kario	00b20a20ed	perform SNI enabled scan ... for example, youtube requires SNI extension to be present to return ECDSA certificates, use it for scanning	2014-05-13 13:41:16 +02:00
Hubert Kario	8817a7b1c8	testtop1m.sh: correct counting of background jobs ... `jobs` command returns multiple lines for a jobs with `if` so counting number of background jobs was off	2014-05-13 13:41:16 +02:00
Hubert Kario	b6b9a1a364	Improve scanning performance and reduce false negatives ... scan all the machines from top-1m.csv file, wait for completion of all jobs i=1 is an off-by-one-error support top-1m.csv files with arbitrary number of sites run scans for many hosts at a time, but don't run more than specified amount in case where default domain name doesn't resolve or doesn't have port 443 open, retry with www. prefix	2014-04-19 22:56:41 +02:00
Julien Vehent	f3c8b24b8b	tweaks	2014-01-09 20:16:40 +00:00
Julien Vehent	e4ea957c8d	Script to scan Alexa's top 1m websites	2014-01-09 11:52:17 -05:00