TLS
Outdated TLS versions may still be enabled on older applications and allow an attacker to eavesdrop on the client-server communication.
SSLscan or OpenSSL are good scanning tools for this.
sudo apt-get install sslscan
The last part in the syntax -tls1 can be switched to -tls1_1, -tls1_2, -tls1_3 depending on which version you want to test individually.
Syntax
openssl s_client -connect www.example.com:443 -servername www.example.com -tls1
openssl s_client -connect www.example.com:443 -servername www.example.com -tls1_1
openssl s_client -connect www.example.com:443 -servername www.example.com -tls1_2
Weakly Encrypted Ciphers
Weak ciphers might be enabled on applications and allow an attacker to eavesdrop on the client-server communication.
unsafe-ssl is a good script to use and can be installed with the apt command.
The normal OpenSSL does not support the ciphers that we will be testing in this section.
The last part in the syntax -tls1 can be changed to -tls1_1, -tls1_2, -tls1_3 depending on which version you want to test individually.
Syntax
Note: Sweet32 -tls1_2 or -tls1_3 is NOT vulnerable to the same stuff as -tls1 and -tls1_1
- Sweet32
openssl s_client -cipher "DES-CBC3-SHA" -connect www.example.com:443 -servername www.example.com -tls1
- RC4
openssl s_client -cipher "RC4-SHA" -connect www.example.com:443 -servername www.example.com -tls1
- Logjam
openssl s_client -cipher "DHE-RSA-AES128-SHA" -connect www.example.com:443 -servername www.example.com -tls1
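The version checks and the cipher checks above can be run as one pass and read from the handshake summary line instead of by eye. This is an added example, not part of the original page: the function names and the sample lines are constructed, and it assumes s_client prints its usual "Cipher is ..." summary line.

```shell
#!/bin/sh
# Classify `openssl s_client` output read from stdin. Prints one of:
#   accepted <cipher>  handshake completed with the offered version/cipher
#   rejected           handshake did not complete ("Cipher is (NONE)")
#   unknown            no handshake summary at all, e.g. the local OpenSSL
#                      build could not offer that version or cipher
classify_handshake() {
    awk '
        /Cipher is \(NONE\)/ { result = "rejected"; exit }
        /Cipher is /         { sub(/.*Cipher is /, ""); result = "accepted " $0; exit }
        END { print (result == "" ? "unknown" : result) }
    '
}

# Run the page's per-version and per-cipher commands against host $1
# (port $2, default 443). </dev/null lets s_client exit after the handshake.
check_target() {
    host=$1; port=${2:-443}
    for v in -tls1 -tls1_1 -tls1_2 -tls1_3; do
        printf '%-22s %s\n' "$v" "$(openssl s_client -connect "$host:$port" \
            -servername "$host" "$v" </dev/null 2>&1 | classify_handshake)"
    done
    for c in DES-CBC3-SHA RC4-SHA DHE-RSA-AES128-SHA; do
        printf '%-22s %s\n' "$c" "$(openssl s_client -cipher "$c" \
            -connect "$host:$port" -servername "$host" -tls1 \
            </dev/null 2>&1 | classify_handshake)"
    done
}

# Constructed sample lines (not captured from a real server).
SAMPLE_OK='New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256'
SAMPLE_REFUSED='New, (NONE), Cipher is (NONE)'
SAMPLE_NO_SUMMARY='client error text with no handshake summary'

if [ "$#" -gt 0 ]; then
    check_target "$@"          # e.g. ./check.sh www.example.com 443
else
    for s in "$SAMPLE_OK" "$SAMPLE_REFUSED" "$SAMPLE_NO_SUMMARY"; do
        printf '%s\n' "$s" | classify_handshake
    done
fi
```

Treat unknown as untested, not as safe: it means this client produced no handshake summary, which is what happens when the local OpenSSL cannot offer the version or cipher.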