SSLyze

Release 6.0.0

https://pepy.tech/badge/sslyze https://img.shields.io/pypi/l/sslyze.svg https://img.shields.io/pypi/pyversions/sslyze.svg

SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.

SSLyze can analyze the SSL/TLS configuration of a server by connecting to it, in order to ensure that it uses strong encryption settings (certificate, cipher suites, elliptic curves, etc.), and that it is not vulnerable to known TLS attacks (Heartbleed, ROBOT, OpenSSL CCS injection, etc.).

Installation & Quick Start

Instructions on how to install and use SSLyze are available in the README.

Running scans using the Python API

The Python API gives full access to SSLyze’s scanning engine in order to make it easy to implement SSL/TLS scanning as part of a continuous security testing platform, and detect any misconfiguration across a range of public and/or internal endpoints.

Exporting and processing scan results in JSON

The result of SSLyze scans can be serialized to JSON for further processing. SSLyze also provides a helper class to parse JSON scan results; it can be used to process the results of SSLyze scans in a separate Python program.

Appendix: Scan Commands

Indices and tables