Make TLS/SSL security mass scans with testssl.sh and import results into ElasticSearch
Python
Switch branches/tags
Nothing to show
Clone or download

README.md

Mass Scan Tools for testssl.sh

Script collection for generating testssl.sh command lines that can be executed sequentially or in parallel with tools like GNU Parallel and importing the results into a structured document in ElasticSearch for further analysis.

This is how the scan result of a service appears in Kibana:

testssl.sh scan result viewed in Kibana

Create vulnerability lists:

Vulnerability list

Visualize vulnerability distribution:

Vulnerability counts

...or create vulnerability expiration graphs:

Vulnerability expiration graph

Dependencies

  • testssl.sh 2.9dev branch or later version
  • Python 3 with following modules:
    • elasticsearch_dsl
    • tzlocal

Usage

  1. Install dependencies (see above)
  2. Create input file with one host:port pair per line.
  3. Run generate_scan_file.py inputfile > cmdfile to generate file with testssl.sh command lines.
  4. Run parallel < cmdfile to perform testssl.sh scans.
  5. Run import_testssl.sh_csv_to_ES.py *.csv to import scan results into ElasticSearch.
  6. View/Analyze data with Kibana or the tool of your choice.
  7. Fix your TLS configurations :)

Useful Command Lines

List all vulnerabilities in "host;port;vulnerabilities" CSV format:

curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:vulnerabilities&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | join(", ") ) ] | join(";")'

...and add ciphertests field:

curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:(vulnerabilities+ciphertests)&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | if . == null then "" else (. | join(", ") ) end ), ( .ciphertests | if . == null then "" else (. | join(", ") ) end ) ] | join(";")