Script collection for generating testssl.sh command lines that can be executed sequentially or in parallel with tools like GNU Parallel and importing the results into a structured document in ElasticSearch for further analysis.
This is how the scan result of a service appears in Kibana:
Create vulnerability lists:
Visualize vulnerability distribution:
...or create vulnerability expiration graphs:
host:port
pair per line.generate_scan_file.py inputfile > cmdfile
to generate file with testssl.sh command lines.parallel < cmdfile
to perform testssl.sh scans.import_testssl.sh_csv_to_ES.py *.csv
to import scan results into ElasticSearch.List all vulnerabilities in "host;port;vulnerabilities" CSV format:
curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:vulnerabilities&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | join(", ") ) ] | join(";")'
...and add ciphertests field:
curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:(vulnerabilities+ciphertests)&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | if . == null then "" else (. | join(", ") ) end ), ( .ciphertests | if . == null then "" else (. | join(", ") ) end ) ] | join(";")