In this recipe, we will learn to use tools to scan for vulnerable SSL ciphers and SSL-related vulnerabilities.
Getting ready
For this recipe, you will require an Internet connection.
How to do it...
- Open the terminal and launch the SSLScan tool, as shown in the following screenshot:
- To scan your target using SSLScan, run the following command:
sslscan demo.testfire.net
- SSLScan will test the SSL certificate for the all the ciphers it supports. Weak ciphers will be shown in red and yellow. Strong ciphers will be shown in green:
root@Intrusion-Exploitation:~# sslscan demo.testfire.netVersion: -staticOpenSSL 1.0.1m-dev ...