TLS-Scanner is a tool created by the Chair for Network and Data Security from the Ruhr-University Bochum to assist pentesters and security researchers in the evaluation of TLS Server configurations.

Note: It is a research tool intended for TLS developers, pentesters, administrators and researchers. There is no GUI. It is in the first version and may contain some bugs.

Compiling TLS-Scanner

In order to compile and use it, you need to have Java and Maven installed, as well as TLS-Attacker in Version 2.6

$ cd TLS-Scanner
$ mvn clean package

Alternatively, if you are in hurry, you can skip the tests by using:

$ mvn clean package -DskipTests=true

If you want to use it as a library you need to install it with the following command:

$ mvn clean install

For hints on installing the required libraries checkout the corresponding GitHub repositories.

Note: In order to run this tool you need TLS-Attacker version 2.6

Also ReadMetadata-Attacker : A Tool To Generate Media Files With Malicious Metadata


In order to run it you need to run the jar file in the apps/ folder.

$ java -jar apps/TLS-Scanner.jar -connect localhost:4433

You can specify a host you want to scan with the -connect parameter. If you want to improve the performance of the scan you can use the -threads parameter (default=1).