Categories: Kali Linux

TLS-Scanner : The TLS-Scanner Module from TLS-Attacker

TLS-Scanner is a tool created by the Chair for Network and Data Security from the Ruhr-University Bochum to assist pentesters and security researchers in the evaluation of TLS Server configurations.

Note: It is a research tool intended for TLS developers, pentesters, administrators and researchers. There is no GUI. It is in the first version and may contain some bugs.

Compiling TLS-Scanner

In order to compile and use it, you need to have Java and Maven installed, as well as TLS-Attacker in Version 2.6

$ cd TLS-Scanner
$ mvn clean package

Alternatively, if you are in hurry, you can skip the tests by using:

$ mvn clean package -DskipTests=true

If you want to use it as a library you need to install it with the following command:

$ mvn clean install

For hints on installing the required libraries checkout the corresponding GitHub repositories.

Note: In order to run this tool you need TLS-Attacker version 2.6

Also ReadMetadata-Attacker : A Tool To Generate Media Files With Malicious Metadata

Running

In order to run it you need to run the jar file in the apps/ folder.

$ java -jar apps/TLS-Scanner.jar -connect localhost:4433

You can specify a host you want to scan with the -connect parameter. If you want to improve the performance of the scan you can use the -threads parameter (default=1).

R K

Recent Posts

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

23 hours ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

2 days ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

2 days ago

What is SIEM? Complete Guide to Security Information and Event Management

Introduction As cyber threats grow more sophisticated, organizations need more than just firewalls and antivirus…

2 days ago

Website OSINT: Tools and Techniques for Reconnaissance

Introduction When it comes to cybersecurity and ethical hacking, one of the most effective ways…

2 days ago

Top OSINT Tools to Find Emails, Usernames and Passwords

Introduction In the world of cybersecurity, knowledge is power. One of the most powerful skillsets…

3 days ago