testssl.sh
@testssl.bsky.social
Posts in EN about testssl.sh and related stuff
The bridge from the fediverse is also here (https://bsky.app/profile/testssl.infosec.exchange.ap.brid.gy). But might cut postings due to size limitations of bspky .
The bridge from the fediverse is also here (https://bsky.app/profile/testssl.infosec.exchange.ap.brid.gy). But might cut postings due to size limitations of bspky .
September 18, 2025 at 7:08 PM
Further development now takes place in the 3.3dev branch which was just created
github.com/testssl/test...
github.com/testssl/test...
GitHub - testssl/testssl.sh: Testing TLS/SSL encryption anywhere on any port
Testing TLS/SSL encryption anywhere on any port . Contribute to testssl/testssl.sh development by creating an account on GitHub.
github.com
June 15, 2025 at 8:23 AM
Further development now takes place in the 3.3dev branch which was just created
github.com/testssl/test...
github.com/testssl/test...
On friday the (bugfixed) version 3.2.1 of testssl.sh was released
Get it from here: github.com/testssl/test...
🚀
Get it from here: github.com/testssl/test...
🚀
June 15, 2025 at 8:21 AM
On friday the (bugfixed) version 3.2.1 of testssl.sh was released
Get it from here: github.com/testssl/test...
🚀
Get it from here: github.com/testssl/test...
🚀
The last release of testssl.sh in the 3.0.10 branch was just created which includes several bugfixes.
Get it from here: github.com/testssl/test...
Get it from here: github.com/testssl/test...
June 15, 2025 at 8:17 AM
The last release of testssl.sh in the 3.0.10 branch was just created which includes several bugfixes.
Get it from here: github.com/testssl/test...
Get it from here: github.com/testssl/test...
Branch 3.2 of testssl.sh has now also a github action running under MacOS which permits dealing with compatibility issue in the very beginning, i.e. when write a PR
And it has more badges now ;-) -- including the status of the Ubuntu and MacOS CI runner.
And it has more badges now ;-) -- including the status of the Ubuntu and MacOS CI runner.
May 20, 2025 at 4:11 PM
Branch 3.2 of testssl.sh has now also a github action running under MacOS which permits dealing with compatibility issue in the very beginning, i.e. when write a PR
And it has more badges now ;-) -- including the status of the Ubuntu and MacOS CI runner.
And it has more badges now ;-) -- including the status of the Ubuntu and MacOS CI runner.
testssl.sh 3.2.0 is finally out, see github.com/testssl/test... or just testssl.sh .
Changelog see github.com/testssl/test...
Changelog see github.com/testssl/test...
/bin/bash based SSL/TLS tester: testssl.sh
TLS/SSL security testing with Open Source Software
testssl.sh
April 23, 2025 at 11:59 AM
testssl.sh 3.2.0 is finally out, see github.com/testssl/test... or just testssl.sh .
Changelog see github.com/testssl/test...
Changelog see github.com/testssl/test...
testssl.sh :verified: @testssl
Some browsers and also #OpenSSL 3.5.0 support already #PQ #KEMs for key exchange to to provide secure key establishment resistance.
The (real soon now) to be released testssl.sh 3.2 final will include handshake simulation, see last column:
Some browsers and also #OpenSSL 3.5.0 support already #PQ #KEMs for key exchange to to provide secure key establishment resistance.
The (real soon now) to be released testssl.sh 3.2 final will include handshake simulation, see last column:
April 10, 2025 at 7:31 PM
testssl.sh :verified: @testssl
Some browsers and also #OpenSSL 3.5.0 support already #PQ #KEMs for key exchange to to provide secure key establishment resistance.
The (real soon now) to be released testssl.sh 3.2 final will include handshake simulation, see last column:
Some browsers and also #OpenSSL 3.5.0 support already #PQ #KEMs for key exchange to to provide secure key establishment resistance.
The (real soon now) to be released testssl.sh 3.2 final will include handshake simulation, see last column:
The supplied #openssl binary (Linux 64Bit) for testssl.sh was updated + uploaded here: testssl.sh/openssl-1.0..... Repo with sources: github.com/testssl/open...
Testing before it'll be merged to github would be appreciated.
If you find issues please report them here: github.com/testssl/test...
Testing before it'll be merged to github would be appreciated.
If you find issues please report them here: github.com/testssl/test...
testssl.sh
January 29, 2025 at 4:06 PM
The supplied #openssl binary (Linux 64Bit) for testssl.sh was updated + uploaded here: testssl.sh/openssl-1.0..... Repo with sources: github.com/testssl/open...
Testing before it'll be merged to github would be appreciated.
If you find issues please report them here: github.com/testssl/test...
Testing before it'll be merged to github would be appreciated.
If you find issues please report them here: github.com/testssl/test...
Reposted by testssl.sh
January 29, 2025 at 4:00 PM
Version 3.2rc4 of testssl.sh is out!
It brings lots of fixes + improvements under the hood. The important new feature is support of some KEMs (key encapsulation mechanism), aka Post Quantum Hybrid Key Agreements - thanks to David.
Get it at github.com/testssl/test... or github.com/testssl/test...
It brings lots of fixes + improvements under the hood. The important new feature is support of some KEMs (key encapsulation mechanism), aka Post Quantum Hybrid Key Agreements - thanks to David.
Get it at github.com/testssl/test... or github.com/testssl/test...
January 24, 2025 at 3:11 PM
Version 3.2rc4 of testssl.sh is out!
It brings lots of fixes + improvements under the hood. The important new feature is support of some KEMs (key encapsulation mechanism), aka Post Quantum Hybrid Key Agreements - thanks to David.
Get it at github.com/testssl/test... or github.com/testssl/test...
It brings lots of fixes + improvements under the hood. The important new feature is support of some KEMs (key encapsulation mechanism), aka Post Quantum Hybrid Key Agreements - thanks to David.
Get it at github.com/testssl/test... or github.com/testssl/test...
Reposted by testssl.sh
Another example of the externalized cost of fixed release Linux distributions: Debian Bullseye (oldstable, LTS until August 2026) ships a root store that's years out of date.
Besides being a security issue, it slows down the entire TLS ecosystem.
Besides being a security issue, it slows down the entire TLS ecosystem.
crypto/x509: potentially anomalous path building results · Issue #65085 · golang/go
Go version go1.21.5 linux/amd64 Output of go env in your module/workspace: GO111MODULE='' GOARCH='amd64' GOBIN='' GOCACHE='/home/runner/.cache/go-build' GOENV='/home/runner/.config/go/env' GOEXE=''...
github.com
January 4, 2025 at 12:47 AM
Another example of the externalized cost of fixed release Linux distributions: Debian Bullseye (oldstable, LTS until August 2026) ships a root store that's years out of date.
Besides being a security issue, it slows down the entire TLS ecosystem.
Besides being a security issue, it slows down the entire TLS ecosystem.
While testssl.sh does a lot of checks with bash sockets it still depends on openssl.
The supplied openssl in the git repo had a few issues . The new Linux 64 Bit binary needs your help testing:
testssl.sh/openssl-1.0....
Please file issues in the repo. "Works ok" incl. Linux distro is fine here
The supplied openssl in the git repo had a few issues . The new Linux 64 Bit binary needs your help testing:
testssl.sh/openssl-1.0....
Please file issues in the repo. "Works ok" incl. Linux distro is fine here
/bin/bash based SSL/TLS tester: testssl.sh
TLS/SSL security testing with Open Source Software
testssl.sh
January 4, 2025 at 7:34 PM
While testssl.sh does a lot of checks with bash sockets it still depends on openssl.
The supplied openssl in the git repo had a few issues . The new Linux 64 Bit binary needs your help testing:
testssl.sh/openssl-1.0....
Please file issues in the repo. "Works ok" incl. Linux distro is fine here
The supplied openssl in the git repo had a few issues . The new Linux 64 Bit binary needs your help testing:
testssl.sh/openssl-1.0....
Please file issues in the repo. "Works ok" incl. Linux distro is fine here
Reposted by testssl.sh
The testssl.sh repo resides now under https://github.com/testssl/testssl.sh
GitHub - testssl/testssl.sh: Testing TLS/SSL encryption anywhere on any port
Testing TLS/SSL encryption anywhere on any port . Contribute to testssl/testssl.sh development by creating an account on GitHub.
github.com
January 4, 2025 at 1:51 PM
The testssl.sh repo resides now under https://github.com/testssl/testssl.sh
Reposted by testssl.sh
Also cool is, that Wireshark directly allows you to start an application with this environment variable set. So you can launch a browser from within Wireshark and directly decrypt and analyze the TLS traffic. 😃👌
December 24, 2024 at 11:06 AM
Also cool is, that Wireshark directly allows you to start an application with this environment variable set. So you can launch a browser from within Wireshark and directly decrypt and analyze the TLS traffic. 😃👌
Reposted by testssl.sh
TIL how easy it is to ask curl to dump TLS session keys to disk 🛠️
Simply set the environment variable `SSLKEYLOGFILE=/path/to/file` 😅 Note: it also works for Firefox and Chrome
Extremely useful when combined with Wireshark 👍
Simply set the environment variable `SSLKEYLOGFILE=/path/to/file` 😅 Note: it also works for Firefox and Chrome
Extremely useful when combined with Wireshark 👍
December 20, 2024 at 11:35 AM
TIL how easy it is to ask curl to dump TLS session keys to disk 🛠️
Simply set the environment variable `SSLKEYLOGFILE=/path/to/file` 😅 Note: it also works for Firefox and Chrome
Extremely useful when combined with Wireshark 👍
Simply set the environment variable `SSLKEYLOGFILE=/path/to/file` 😅 Note: it also works for Firefox and Chrome
Extremely useful when combined with Wireshark 👍