tlsenum

LSE toolsLSE toolstlsenum (451)tlsenum (451)

Tool and Usage

Project details

Year of inception
License
MIT
Programming language
Python
Author
Terry Chia
Latest release
0.3
Latest release date

Project health

60
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Tlsenum is a CLI tool to enumerate TLS protocol and TLS cipher support by a server. The tool lists then the output based on the order of priority. Tlsenum can be used to find the supported protocols and ciphers of a system and determine if it is properly hardened. This information can be useful to system administrators and pentesters doing a security assessment of the system.

How it works

This tool works by sending out sending out TLS ClientHello messages. Any ServerHello responses from the server are parsed. It assumes that the server is the one which decides the preferred cipher suite, giving an idea on the available ciphers.

Usage and audience

tlsenum is commonly used for information gathering, security assessment, system enumeration, or system hardening. Target users for this tool are pentesters and security professionals.

Features

  • Command line interface

Example usage and output

$ tlsenum twitter.com 443
TLS Versions supported by server: 3.0, 1.0, 1.1, 1.2
Deflate compression: no
Supported Cipher suites in order of priority:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code of this software is available

Author and Maintainers

Tlsenum is under development by Terry Chia.

Installation

Supported operating systems

Tlsenum is known to work on Linux.

tlsenum alternatives

Similar tools to tlsenum:

64

cipherscan

Cipherscan is a tool to test the ordering of SSL/TLS ciphers on a given target. It tests the major versions of SSL, TLS, and any extensions of these protocols.

60

sslcaudit

The sslcaudit project helps with automated testing of SSL/TLS clients for resistance against MITM attacks.

97

testssl.sh

testssl.sh is a command line tool which checks a system on any port for the support of TLS/SSL ciphers, protocols, as well as some cryptographic flaws.

All tlsenum alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Compare tlsenum with other tools

Categories

This tool is categorized as a SSL/TLS scanner and cipher scan tool.