search

TKCERT / testssl.sh-masscan

Make TLS/SSL security mass scans with testssl.sh and import results into ElasticSearch
GNU General Public License v3.0
108 stars 25 forks source link

readme

Mass Scan Tools for testssl.sh

Script collection for generating testssl.sh command lines that can be executed sequentially or in parallel with tools like GNU Parallel and importing the results into a structured document in ElasticSearch for further analysis.

This is how the scan result of a service appears in Kibana:

testssl.sh scan result viewed in Kibana

Create vulnerability lists:

Vulnerability list

Visualize vulnerability distribution:

Vulnerability counts

...or create vulnerability expiration graphs:

Vulnerability expiration graph

Dependencies

Usage

  1. Install dependencies (see above)
  2. Create input file with one host:port pair per line.
  3. Run generate_scan_file.py inputfile > cmdfile to generate file with testssl.sh command lines.
  4. Run parallel < cmdfile to perform testssl.sh scans.
  5. Run import_testssl.sh_csv_to_ES.py *.csv to import scan results into ElasticSearch.
  6. View/Analyze data with Kibana or the tool of your choice.
  7. Fix your TLS configurations :)

Useful Command Lines

List all vulnerabilities in "host;port;vulnerabilities" CSV format:

curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:vulnerabilities&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | join(", ") ) ] | join(";")'

...and add ciphertests field:

curl -qsk 'localhost:9200/testssl-*/_search?q=_exists_:(vulnerabilities+ciphertests)&size=10000' | jq -r '.hits.hits[]._source | [ .ip, ( .port | tostring ), ( .vulnerabilities | if . == null then "" else (. | join(", ") ) end ), ( .ciphertests | if . == null then "" else (. | join(", ") ) end ) ] | join(";")