Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 50 million developers.Sign up
- Added support for scanning for supported elliptic curves (#447):
$ python -m sslyze --elliptic_curves www.cloudflare.com * Elliptic Curve Key Exchange: Supported curves: prime256v1, secp384r1, secp521r1, X25519 Rejected curves: sect163r2, secp160r1, sect233k1, X448, secp160r2, sect233r1, secp192k1, sect239k1, secp224k1, sect193r1, sect283k1, secp224r1, sect163k1, sect283r1, secp256k1, secp160k1, sect409k1, prime192v1, sect409r1, sect163r1, sect193r2, sect571k1, sect571r1
- Improved check for HTTP security headers by adding support for HTTP redirections (#393 ).
- Fixed bug causing some results to not be returned when scanning multiple servers (#429 ).
- Added support for more versions of the cryptography package for better compatibility (#428 ).
- Fixed crash when scanning a server with a certificate that has duplicate X509 extensions (#420 )
Big internal refactoring focused on modernizing the code base (dataclasses, type annotations, etc.) and improving the speed and reliability of the scan results.
- The Python API and the format of the outputs have been drastically improved and simplified, but are not backward-compatible with older versions of SSLyze.
- Python 3.8 is now supported, and Python 3.6 is no longer supported.
- Huge improvements to the reliability of the scans:
- The number of concurrent connections per single server can now be controlled and is set to 5 by default (#385).
- This limit is enforced regardless of the number of scan commands queued for the server, and drastically reduces the number of scans that fail due to a slow server or a slow connection.
- Various improvements to cipher suites scanning:
- The size of the cipher's suite key is now always returned.
- The (EC) Diffie-Helmann parameters negotiated during the TLS handshake are now returned (#394).
- Various improvements to server certificate checks:
- SSLyze is now compatible with PEP 561 for type checking with mypy.
- Various improvements to the JSON output:
- Support for XML output was removed.