testssl.sh
spiderfoot
Our great sponsors
testssl.sh | spiderfoot | |
---|---|---|
43 | 19 | |
7,628 | 11,723 | |
- | - | |
8.8 | 6.6 | |
10 days ago | 3 months ago | |
Shell | Python | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
testssl.sh
-
Badssl.com
You’re in luck because such a tool exists :) https://testssl.sh/
- Testing TLS/SSL Encryption
-
Uncertain how to proceed with patching SSL and TLS issues in MacOS (Sweet32)
Run https://testssl.sh/ and see what ciphers are being offered.
-
Changing SSL Wildcard Certificate
There is https://github.com/drwetter/testssl.sh utility. It can help diagnose issues (e.g. diffs between working and non-working sites).
- Specific SSL Ciphers Test
-
SSL Diag Tool
For internal use, there's https://testssl.sh/
-
Dovecot not offering TLSv1.2 after a few minutes
The current configuration allows for TLSv1 to TLSv1.3 connections. I can verify those using testssl.sh, the tests will succeed (although correctly mentioning, that TLSv1 and TLSv1.1 should be disabled). Running the tests again after about 5 minutes, the results are different. TLSv1.2 now shows "not offered and downgraded to a weaker protocol".
- How to combine pem file and 3 security certificates?
- oggi 2022-11-01 verrà rilasciata una vulnerabilità di livello CRITICAL su OpenSSL 3.0.x
-
alternative to whatsmychaincert.com cli or gui
testssl.sh
spiderfoot
-
piece of software to find /crawl information about yourself?
I’d suggest Spiderfoot.
- Hey. How does one find out everything related to a certain e-mail adress? on which sites it has an account registered and stuff like that? im totally new to this. thanks!!!
- Whats that website employers can use to find all the sites your email address was used?
-
What are your preferred OSINT tools?
the most complete and best at present https://www.spiderfoot.net
-
Social media
Spiderfoot is good https://github.com/smicallef/spiderfoot
-
About OSINT Search Engine
Have you tried SpiderFoot. Let it run for a day and you will be amazed at the findings! https://www.spiderfoot.net/
- SpiderFoot 4.0 release - introducing YAML correlation rules
-
Serach engines for hackers - updated
https://www.spiderfoot.net/ - open-source reconnaissance tool available for Linux and Windows
-
A new free, open source, cross platform OSINT Tool
Mostly by researching the OSINT sources that other open source project pulls data from e.g amass, spiderfoot, the Harvetser etc
-
OSINT Tools
try this tool https://www.spiderfoot.net/
What are some alternatives?
https-ssl-cert-check-zabbix - Script to check validity and expiration of TLS/SSL certificate on hosts. May be used with Zabbix or standalone.
theHarvester - E-mails, subdomains and names Harvester - OSINT
kubernetes-the-hard-way - Bootstrap Kubernetes the hard way. No scripts.
amass - In-depth attack surface mapping and asset discovery
ssh-audit - SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
Sublist3r - Fast subdomains enumeration tool for penetration testers
ssh-audit - SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
Go-MISPFeedGenerator - Golang implementation of PyMISP-feedgenerator
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
deepdarkCTI - Collection of Cyber Threat Intelligence sources from the deep and dark web
OpenSSL - TLS/SSL and crypto library
OSINT-Framework - OSINT Framework