Skip to content

Make TLS/SSL security mass scans with testssl.sh and import results into ElasticSearch

License

Notifications You must be signed in to change notification settings

C0FFEEC0FFEE/testssl.sh-masscan

 
 

Repository files navigation

Mass Scan Tools for testssl.sh

Script collection for generating testssl.sh command lines that can be executed sequentially or in parallel with tools like GNU Parallel and importing the results into a structured document in ElasticSearch for further analysis.

This is how the scan result of a service appears in Kibana:

testssl.sh scan result viewed in Kibana

Create vulnerability lists:

Vulnerability list

Visualize vulnerability distribution:

Vulnerability counts

...or create vulnerability expiration graphs:

Vulnerability expiration graph

Dependencies

  • testssl.sh 2.9dev branch or later version
  • Python 3 with following modules:
    • elasticsearch_dsl
    • tzlocal

Usage

  1. Install dependencies (see above)
  2. Create input file with one host:port pair per line.
  3. Run generate_scan_file.py inputfile > cmdfile to generate file with testssl.sh command lines.
  4. Run parallel < cmdfile to perform testssl.sh scans.
  5. Run import_testssl.sh_csv_to_ES.py *.csv to import scan results into ElasticSearch.
  6. View/Analyze data with Kibana or the tool of your choice.
  7. Fix your TLS configurations :)

Useful Command Lines

List all vulnerabilities in "host;port;vulnerabilities" CSV format:

curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:vulnerabilities&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | join(", ") ) ] | join(";")'

...and add ciphertests field:

curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:(vulnerabilities+ciphertests)&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | if . == null then "" else (. | join(", ") ) end ), ( .ciphertests | if . == null then "" else (. | join(", ") ) end ) ] | join(";")

About

Make TLS/SSL security mass scans with testssl.sh and import results into ElasticSearch

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%