SSLyze – SSL configuration scanning library and CLI tool
3 days ago
- #Python
- #Security
- #SSL/TLS
- SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.
- Analyzes SSL/TLS configurations to ensure strong encryption and checks for vulnerabilities like Heartbleed, ROBOT, etc.
- Focuses on speed and reliability, scanning hundreds of thousands of servers daily.
- Easy to operationalize, can be run from CI/CD to check against Mozilla's recommended TLS configuration.
- Offers a fully documented Python API for integration into applications like AWS Lambda.
- Supports scanning non-HTTP servers including SMTP, XMPP, LDAP, etc.
- Scan results can be saved to JSON for later processing.
- Installable via pip on Windows, Linux, and macOS.
- Can be used via Docker or as a pre-compiled Windows executable.
- Checks server configurations against Mozilla's TLS standards by default.
- Configurable to check against different Mozilla TLS configurations (old, intermediate, modern).
- Can be integrated into CI/CD pipelines for continuous compliance checks.
- Development setup involves installing via pip and running tests with invoke.
- Licensed under GNU Affero General Public License (AGPL).