TLS Testing Resources
This page lists correctness and safety testing resources for TLS implementations and related software dependencies. It excludes implementation-specific tests.
Note that there is no official conformance test suite.
- badssl - Insecure and uncommon server configurations
- BoGo - Test harness for (D)TLS, supported by BoringSSL and NSS. See PORTING.md for information about supporting other implementations.
- TLS Attacker - TLS-Attacker is a Java-based framework for analyzing TLS libraries.
- tlsfuzzer - Fuzzer and test suite for TLS (SSLv2, SSLv3, v1.0, v1.1, v1.2, v1.3) implementations.
- Frankencerts - Specially crafted certificates for testing certificate validation code in TLS implementations.
The following tools lists may help identify features or properties of different TLS implementations:
- SSL Labs Browser and Server Tester - Browser-based tool for checking features of TLS servers and browser implementations.