pyssltest beta – Script for Qualys SSLLabs

pyssltest beta – Script for Qualys SSLLabs

pyssltest is a python multithreaded script to make use of Qualys SSLLabsĀ APIĀ to test SSL flaws.

The script takes a text file as input with the urls to servers that you need test listed line by line and it initites ssl lab tests on each of them (25 threads parallel so 25 tests) and based on the result it generates a CSV file with extended information from the results.

The results will contain the following items each row:

  • Input_URL – The input URL
  • Domain – The domain
  • IP – The IP address it resolved to
  • returncode – The value returned from Qualys server (READY, ERROR etc)
  • Grade – The Grade as per Qualys rating
  • Secondary grade – Secondary Grade as per qualys rating

Now it contains these items per each server. Basically these contain Y (yes) or N (no) values and the headings are self explanatory:

  • Freak
  • Poodle_TLS
  • Insecure renegotiation
  • OpenSSL ccs
  • Insecure DH
  • SSL v2
  • Poodle_SSL
  • wrong domain
  • cert expired
  • self signed cert
  • No TLS1.2?
  • SSL v3
  • RC4
  • cert chain issue
  • forward secrecy not supported?
  • weak private key?
  • weak signature
  • secure renegotiation
  • TLS 1.0
  • TLS 1.1
  • TLS 1.2

More Information: here

Running the script

python -i inp.txt -o inp.csv -n

-i <filename> :- A text file with target urls listed line by line 
-o <filename> :- A csv file to which the output will be written 
-n :- Optional, To always initiate new tests. If this is omitted cached results from qualys is fetched

[button size=large style=round color=red align=none url=]Download pyssltest Beta[/button]

Thanks to Mohesh Mohan for sharing this tool with us.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.