Skip to content

TLS-Scanner 4.2.0
Compare
Choose a tag to compare
@mmaehren mmaehren released this 08 Jun 21:11
4.2.0
bdc8464
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Implemented Prototype for TLS client scanning
Added ability to print sitereporrt as json
TLS-Scanner can now dynamically bypass some amount of intolerances due to dynamic base config selection
Reworked POM
Moved vulnerability evaluation from TLS-Attacker to TLS-Scanner
Introduced 2 new modules TLS-Scanner-Core and Scanner-Core which bundle generic Scanner code and TLS specific scanner code that can be used by either client or server scanners or also for other protocols
Introduced more meaningful TestResults, that can now express more nuances
Introduced a probe for RecordLayer fragementation support
Introduced probes to analyze random numbers
Bleichenbacher Probe now also performs statistical tests to evaluate a possible vulnerability
Introoduced tests for BSI and NIST guidelines
Removed TlsPoodle Probe (was already covered by Padding Oracle Probe)
TLS-Scanner can now use custom CA's to evaluate certificate trust
Minor changes towards code quality and maintainability
Fixed a bug which caused the JVM to still run even after the scan has finished
Introduced SignatureAndHashAlgorithm probe which evaluates which constants are supported by the server
Introduced SignatureAndHashAlgorithm order probe which checks if the server is enforcing its preferences
Introduced NamedGroups order probe which checks if the server is enforcing its preferences
Moved TLS-Scanner to Java 11
Runnaway probes are now automatically killed after a fixed amount of time to prevent infinite loops
Fixed a bug in the Sweet32 probe which caused wrong results
Added a test that checks if the server is using a unix timestamp in its random

Assets 2
Loading