Knowing the SSL

One thing which I have noticed during the testing is that there are a number of vulnerabilities which occur due to TLS version and cipher suite used. So, I have added a few new tricks in my arsenal to hunt for SSL/TLS which are being used.

1 . Using SSLSCAN

2. Using NMAP scripting engine

we will discuss both of them one by one

First: SSL scan

Command: SSL scan



command : nmap –script ssl-enum-ciphers.nse target



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s