TLSSLed

TLSSLed is a Linux shell script designed to assess the security posture of SSL/TLS implementations on HTTPS web servers. It performs comprehensive checks including support for insecure protocols like SSLv2, NULL ciphers, weak ciphers with 40 or 56-bit keys, availability of strong ciphers such as AES, MD5-signed digital certificates, and SSL/TLS renegotiation capabilities.

Use cases include penetration testing, security audits, and compliance verification for web servers. Security professionals can quickly identify vulnerabilities in SSL/TLS configurations that could expose services to attacks like downgrade attacks, cipher weakening, or certificate forgery.

The tool generates detailed reports in an output directory, making it suitable for documenting findings in vulnerability assessments.

TLSSLed is a shell script that first verifies if the target service speaks SSL/TLS using openssl. It then invokes sslscan, which leverages the openssl library to test various SSL/TLS protocol versions, cipher suites, and security features. Specific tests cover SSLv2 support, NULL ciphers, weak key length ciphers (40/56 bits), strong ciphers like AES, MD5 certificate signatures, and renegotiation capabilities. Results are saved to a timestamped directory named like TLSSLed_1.3_<host>_<port>_<date>.