testssl.sh
testssl.sh is a free command line tool that checks a server's service on any port for the support of TLS/SSL ciphers, protocols, and cryptographic flaws. It provides clear and machine-readable output, works on various operating systems, and does not require additional installations. The tool offers flexibility to test any SSL/TLS enabled service, not limited to web servers, and ensures reliability, privacy, and freedom as it is open source under GPLv2 license.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
FullHunt is a next-generation attack surface security platform that enables companies to discover, monitor, and secure their external attack surfaces.
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
A LinkedIn reconnaissance tool for gathering information about companies and individuals on the platform.
Simple script to check a domain's email protections and identify vulnerabilities.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.