Key features include:

Multi-processed and multi-threaded scanning (it’s fast)

SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility

Performance testing: session resumption and TLS tickets support

Security testing: weak cipher suites, insecure renegotiation, CRIME, Heartbleed and more

Server certificate validation and revocation checking through OCSP stapling

Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP and FTP

Support for client certificates when scanning servers that perform mutual authentication

XML output to further process the scan results

Author: iSECPartners

License: GPLv2

Let’s get started.

First, we need to install SSLyze. Before installing SSLyze, we need to install python setuptools using the following command:

pip install --upgrade setuptools



Then we install SSLyze using the following command:

pip install --upgrade sslyze



Then when the installation is completed, you shall see a screen similar to this:





At this level, you managed to successfully install sslyze.

Now, let’s use the tool and find out what it can really do.

To start SSLyze and go to the help menu, simple type the following command:

sslyze -h

To extract the configuration of a particular website, type the following command:

sslyze –-regular www.yahoo.com





(Here, we took www.yahoo.com as an example, you can replace it with any website of your choice)

Your screen should look like that (if you used www.yahoo.com):

You can scroll down your terminal to see what information the tool has extracted.