search

mozilla / cipherscan

A very simple way to find out which SSL ciphersuites are supported by a target.
Mozilla Public License 2.0
1.96k stars 264 forks source link

check for version downgrade #147

Open tomato42 opened 6 years ago

tomato42 commented 6 years ago

some servers will negotiate SSL3 when getting a TLS 1.2 hello, but will negotate TLS 1.0 or TLS 1.1 when receiving respective hello's

add a check to detect that