privateducky
commented
2 weeks ago @praetorian-rad has been kicking around a Shodan capability here, to cover one aspect of SSL: https://github.com/praetorian-inc/chaos/pull/702.
Will keep others in mind re:this ticket.
Feature Description Currently, Chariot performs limited analysis of SSL/TLS issues like support for outdated protocol versions, weak ciphersuites, etc. This feature would expand Chariot's capabilities regarding detection and reporting of such issues.
Problem Although SSL/TLS config-related issues tend to be relatively low risk, they still contribute to the overall security posture of an organization's attack surface. Additionally, we should have this information on hand in the event that it's relevant to an emergent threat.
Potential Solutions This could go a number of ways. Nuclei has support for some SSL-related functionality, so one option is to create templates for any relevant issues and treat them like Risks/Detections as appropriate. Alternatively, we could look at integrating an existing tool like SSLyze via a script plugin.