Releases · tls-attacker/TLS-Scanner

Implemented Prototype for TLS client scanning
Added ability to print sitereporrt as json
TLS-Scanner can now dynamically bypass some amount of intolerances due to dynamic base config selection
Reworked POM
Moved vulnerability evaluation from TLS-Attacker to TLS-Scanner
Introduced 2 new modules TLS-Scanner-Core and Scanner-Core which bundle generic Scanner code and TLS specific scanner code that can be used by either client or server scanners or also for other protocols
Introduced more meaningful TestResults, that can now express more nuances
Introduced a probe for RecordLayer fragementation support
Introduced probes to analyze random numbers
Bleichenbacher Probe now also performs statistical tests to evaluate a possible vulnerability
Introoduced tests for BSI and NIST guidelines
Removed TlsPoodle Probe (was already covered by Padding Oracle Probe)
TLS-Scanner can now use custom CA's to evaluate certificate trust
Minor changes towards code quality and maintainability
Fixed a bug which caused the JVM to still run even after the scan has finished
Introduced SignatureAndHashAlgorithm probe which evaluates which constants are supported by the server
Introduced SignatureAndHashAlgorithm order probe which checks if the server is enforcing its preferences
Introduced NamedGroups order probe which checks if the server is enforcing its preferences
Moved TLS-Scanner to Java 11
Runnaway probes are now automatically killed after a fixed amount of time to prevent infinite loops
Fixed a bug in the Sweet32 probe which caused wrong results
Added a test that checks if the server is using a unix timestamp in its random

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Releases: tls-attacker/TLS-Scanner

TLS-Scanner 4.2.0

TLS-Scanner 4.1.3

TLS-Scanner 4.1.2

TLS-Scanner 2.11.2

TLS-Scanner 4.1.1

TLS-Scanner 4.1.0

TLS-Scanner 4.0.0

TLS-Scanner 3.0.2

TLS-Scanner 3.0.1

TLS-Scanner 3.0.0