Product
Pricing
Resources
Docs
Product
Pricing
Resources
Docs

SSLYze

What is SSLYze?

SSlyze is a great open source tool for checking a website or servers SSL/TLS certificates. It checks the SSL/TLS configuration of a server by connecting to it in real time. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their servers.

Security Stage DAST (Dynamic Analysis)
Type OpenSource
Languages Any Framework
Site https://tools.kali.org/information-gathering/sslyze

 

Pre-requisite

1 You'll need a URL to scan

 

How do I set it up?

Adding SSLyze to your set of dynamic security tests is simple. Your version configuration will be setup for dynamic testing. 

To add the SSLyze security tool:

  • Go to the 'Test Tools' tab and click 'Add Tool' for the 'SSlyze' tool.

SSlyzeLogo

  • Click Save.

Now any time you click 'Test Now' for that application stage of testing, or make a request over the Uleska API or CLI for that stage, the SSlyze tool will be included in the test run and any results added to your vulnerabilities list.

Notes

Currently, the SSlyze adaptor will run the standard set of SSL/TLS tests. Configuration for timeouts, client certificates, and other settings are not currently supported but will be included in a future release. This adaptor interprets known errors from the SSLyze tool and reports them as vulnerabilities.