Skip to content
GitHub no longer supports this web browser. Learn more about the browsers we support.
The TLS-Scanner Module from TLS-Attacker
Java
Branch: master
Clone or download
Cannot retrieve the latest commit at this time.
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src Fixed trustanchors Nov 12, 2019
trust_stores_observatory @ f100a08
.gitignore Merge origin/master into defaultRecommendationSerializer Sep 24, 2019
.gitmodules
Dockerfile
README.md
checkstyle.xml
license_header.txt
license_header_plain.txt Improved rating influencers. Jul 7, 2019
maven-eclipse-codestyle.xml
nb-configuration.xml
nbactions.xml
pom.xml

README.md

TLS-Scanner

TLS-Scanner is a tool created by the Chair for Network and Data Security from the Ruhr-University Bochum to assist pentesters and security researchers in the evaluation of TLS Server configurations.

Please note: TLS-Scanner is a research tool intended for TLS developers, pentesters, administrators and researchers. There is no GUI. It is in the first version and may contain some bugs.

Compiling

In order to compile and use TLS-Scanner, you need to have Java and Maven installed, as well as TLS-Attacker in Version 3.3.1

$ cd TLS-Scanner
$ mvn clean package

Alternatively, if you are in hurry, you can skip the tests by using:

$ mvn clean package -DskipTests=true

If you want to use TLS-Scanner as a library you need to install it with the following command:

$ mvn clean install

For hints on installing the required libraries checkout the corresponding GitHub repositories.

Please note: In order to run this tool you need TLS-Attacker version 3.3.1

Running

In order to run TLS-Scanner you need to run the jar file in the apps/ folder.

$ java -jar apps/TLS-Scanner.jar -connect localhost:4433

You can specify a host you want to scan with the -connect parameter. If you want to improve the performance of the scan you can use the -threads parameter (default=1).

Docker

We provide you with a Dockerfile, which lets you run the scanner directly:

$ docker build . -t tlsscanner
$ docker run -t tlsscanner

Please note: I am by no means familiar with Docker best practices. If you know how to improve the Dockerfile feel free to issue a pullrequest

You can’t perform that action at this time.