Description
testssl.sh is a free command-line tool that checks a service on any port for the TLS/SSL protocols and ciphers it supports and for known cryptographic flaws. It's the go-to tool for SSL/TLS auditing in penetration tests.
Installation
BASH
# Clone
# A plain clone checks out whatever is on the default branch. For repeatable
# audits, check out a release tag (list them with `git tag --list`) and record
# the version you ran in the report.
# NOTE(review): the project appears to have moved to its own "testssl"
# organisation on GitHub, with this path kept as a redirect. Confirm before pinning.
git clone https://github.com/drwetter/testssl.sh.git
cd testssl.sh
# Kali (pre-installed)
# The packaged command is `testssl`; the examples that use ./testssl.sh assume
# the git checkout above.
testssl --help
# Homebrew
brew install testssl
Basic Usage
BASH
# Full test against a host
# target.com is a placeholder: substitute the host you are assessing.
# With no check options, testssl.sh runs its default set of checks.
./testssl.sh https://target.com
# Test specific port
# host:port form, for TLS services that are not on the default HTTPS port.
./testssl.sh target.com:443
# Quick check
# --fast omits some checks to save time, so a clean --fast run is not
# equivalent to a clean full run.
./testssl.sh --fast https://target.com
Advanced Usage
BASH
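# Check specific vulnerabilities (one check per run; target.com is a placeholder)
# Heartbleed: memory disclosure via the TLS heartbeat extension
./testssl.sh --heartbleed https://target.com
# CCS injection: early ChangeCipherSpec accepted during the handshake
./testssl.sh --ccs-injection https://target.com
# ROBOT: RSA padding-oracle behaviour (Bleichenbacher)
./testssl.sh --robot https://target.com
# CRIME: TLS-level compression enabled
./testssl.sh --crime https://target.com
# Check only protocols
./testssl.sh --protocols https://target.com
# Check only ciphers
# testssl.sh's option list has no plain --ciphers. The cipher checks are
# --each-cipher (-e), --cipher-per-proto (-E) and --categories (-s).
# Confirm against ./testssl.sh --help for the version in use.
./testssl.sh --each-cipher https://target.com
# Output files: testssl.sh refuses to write to a file that already exists.
# Use a fresh name per run, or add --overwrite / --append.
# Reports describe the target's weaknesses, so store them accordingly.
# JSON output
./testssl.sh --jsonfile results.json https://target.com
# CSV output
./testssl.sh --csvfile results.csv https://target.com
# HTML report
./testssl.sh --htmlfile report.html https://target.com
# Check certificate details
# --server-defaults prints the server's default picks and certificate info.
./testssl.sh --server-defaults https://target.com
# Check HSTS and headers
./testssl.sh --headers https://target.com
# Mass scan
# hosts.txt holds one target per line (a line may carry its own testssl.sh
# options). Lines starting with # are treated as comments.
# Uses ./testssl.sh like the other examples; on Kali the command is `testssl`.
./testssl.sh --file hosts.txt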
Common Workflows
BASH
# Full audit, JSON output limited to HIGH and above
# The scan itself runs every default check, but --severity filters what is
# written to the JSON/CSV file: findings below HIGH are left out of audit.json.
# Drop --severity when the file must hold the complete result set.
./testssl.sh --severity HIGH --jsonfile audit.json https://target.com
# Quick protocol check
# --quiet suppresses the startup banner, which keeps output clean for scripts.
./testssl.sh --protocols --quiet https://target.com
# Run every vulnerability check testssl.sh implements
# (--heartbleed, --robot and similar flags each select a single one of these).
./testssl.sh --vulnerable https://target.com