Skip to content

attackdebris/sslurry

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 

SSLurry

SSLurry - A quick and dirty .nessus file parser to extract hosts/services affected by SSL related issues

Blog post: https://www.attackdebris.com/?p=594

I've been testing on a large number of heavily populated internal subnets recently. Accurately reporting SSL protocol/cipher and certificate related issues can be time consuming in such scenarios, time that can be utilised more effectively identifying issues not reported by automated scanners and/or assessing more significant issues.

Due to the sheer size of some target environments our testing remit may only extend to identifing services affected by common SSL related failings rather than detailing the more granular issue e.g. report expired certificates are in use but don't detail the valid before/valid after dates.

To save some time and some of sanity in dealing with this problem the python3 script sslslurry.py was born, example output below:

Obviously making use of sslurry should be caveated by the fact that the usual potential false positives reported by Nessus will still be present e.g. certificates reported as being untrusted even if signed by a trusted internal certificate authority.

Installation:

git clone https://github.com/attackdebris/sslurry.git

Usage:

python3 sslurry.py [.nessus_file]

Sample Output

About

A quick and dirty .nessus file parser to extract hosts/services affected by SSL related issues

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages