LittleNellie
/
cipherscan
mirror of https://github.com/mozilla/cipherscan.git
2
0
Fork 0
Code Issues Releases Wiki Activity
4 Commits 5 Branches 0 Tags 35 MiB
Python 53.7%
Shell 39.5%
C 6.8%
Go to file
Julien Vehent e326b40ad3 doc update 2013-07-17 15:12:20 -04:00
CiphersScan.sh wait, no, don't use my openssl, use yours 2013-07-17 15:07:14 -04:00
README.md doc update 2013-07-17 15:12:20 -04:00

README.md

CipherScan

A very simple way to find out which SSL ciphersuites are supported by a target.

Run: ./CipherScan.sh www.google.com:443 -v And watch.

Edit the script if you need more (disable benchmarking by setting DOBENCHMARK to 0).

The newer your version of openssl, the better results you'll get. Older versions of OpenSSL don't support TLS1.2 ciphers, elliptic curves, etc... Build Your Own!

Example

$ ./CiphersScan.sh www.google.com:443


Ciphersuites sorted by server preference
1 ) ECDHE-RSA-AES128-GCM-SHA256
2 ) ECDHE-RSA-RC4-SHA
3 ) ECDHE-RSA-AES128-SHA
4 ) AES128-GCM-SHA256
5 ) RC4-SHA
6 ) RC4-MD5
7 ) ECDHE-RSA-AES256-GCM-SHA384
8 ) ECDHE-RSA-AES256-SHA384
9 ) ECDHE-RSA-AES256-SHA
10) AES256-GCM-SHA384
11) AES256-SHA256
12) AES256-SHA
13) ECDHE-RSA-DES-CBC3-SHA
14) DES-CBC3-SHA
15) ECDHE-RSA-AES128-SHA256
16) AES128-SHA256
17) AES128-SHA

Secure Renegotiation IS supported