XMPPoke is a tool which is used to probe XMPP servers for their security and connectivity settings. Think testssl.sh, but for XMPP and with different features.
It focuses on cipher suites, certificate validity, authentication options, SRV record setup and DANE.
The configuration happens via environment variables:
XMPPOKE_QUEUE_PORT
: the port the queue manager binds toXMPPOKE_QUEUE_LISTEN
: the address the queue manager binds toXMPPOKE_DB_HOST
: passed as--db-host
toxmppoke
, the host of the PostgreSQL database.XMPPOKE_DB_PORT
: passed as--db-port
toxmppoke
, the port of the PostgreSQL database.XMPPOKE_DB_PASSWORD
: passed as--db-password
toxmppoke
, the password of the PostgreSQL database.XMPPOKE_VERSION_JID
: passed as--version-jid
toxmppoke
, the JID of the account used to query the version of tested servers (optional).XMPPOKE_VERSION_PASSWORD
: passed as--version-password
toxmppoke
, the password of the account used to query the version of tested servers (optional).
XMPPoke uses a database PostgreSQL to store the results (the schema for the database can be found in the XMPPoke repository).
It connects as user xmppoke
to a database called xmppoke
. The host, port and password for the database connection can be specified via environment variables.