Skip to content

Latest commit

 

History

History
48 lines (30 loc) · 2.06 KB

README.md

File metadata and controls

48 lines (30 loc) · 2.06 KB

Mass Scan Tools for testssl.sh

Script collection for generating testssl.sh command lines that can be executed sequentially or in parallel with tools like GNU Parallel and importing the results into a structured document in ElasticSearch for further analysis.

This is how the scan result of a service appears in Kibana:

testssl.sh scan result viewed in Kibana

Create vulnerability lists:

Vulnerability list

Visualize vulnerability distribution:

Vulnerability counts

...or create vulnerability expiration graphs:

Vulnerability expiration graph

Dependencies

  • testssl.sh 2.9dev branch or later version
  • Python 3 with following modules:
    • elasticsearch_dsl
    • tzlocal

Usage

  1. Install dependencies (see above)
  2. Create input file with one host:port pair per line.
  3. Run generate_scan_file.py inputfile > cmdfile to generate file with testssl.sh command lines.
  4. Run parallel < cmdfile to perform testssl.sh scans.
  5. Run import_testssl.sh_csv_to_ES.py *.csv to import scan results into ElasticSearch.
  6. View/Analyze data with Kibana or the tool of your choice.
  7. Fix your TLS configurations :)

Useful Command Lines

List all vulnerabilities in "host;port;vulnerabilities" CSV format:

curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:vulnerabilities&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | join(", ") ) ] | join(";")'

...and add ciphertests field:

curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:(vulnerabilities+ciphertests)&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | if . == null then "" else (. | join(", ") ) end ), ( .ciphertests | if . == null then "" else (. | join(", ") ) end ) ] | join(";")