A very simple way to find out which SSL ciphersuites are supported by a target.
The stronger the Ciphers, they harder close to impossible for them to break in. In fact service providers like cloud-flare employ very strong ciphers, that it would exhaust computer resources of the attackers, making them stop the attack by themselves. In Recent years, we are seeing strong ssh ciphers emerge, the strong the better, that would make it ssh generated keys better and difficult to crack .
“This tool is written by mozzila and there repo is opensource. Also if you want to test out this tool checkout cipherscan online”
So how strong are you ciphers, and how can you test them?
Mozilla has worked on a very simple cipher testing tools, to aid in testing for ciphers, for different services, that simple tool is called Cipherscan.
Cipherscan is a simple way to find out which SSL ciphersuites are supported by a target. Cipherscan works by testing the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl s_client command line.
Setting up cipherscan on Debian and Ubuntu
This setup should be done on python virtualenv
sudo apt-get install python3-pip
sudo pip3 install virtualenv
#
# Create virtualenv
virtualenv venv
# Or create a python version specific virtualenv
virtualenv -p python3 myenv
#
# Now clone the git repo
git clone https://github.com/laramies/theHarvester.git
#
pip3 install -r requirements.txt
#
# Wait until the installation is done.
Other Tools
Comentarios