June 2017
Intermediate to advanced
338 pages
8h 28m
English
The last tool we'll look into for general SSL/TLS scanning is the venerable Nmap. Armed with a script, specific to the task (ssl-enum-ciphers), Nmap can enumerate all of the ciphers available on a host and even provide a grading for each based on current best practices. While it lacks the completeness of SSLyze and SSLscan, this feature makes it a useful and well-known engine for making recommendations to customers.
The output in the following screenshot shows what a scan might look like against the OWASP BWA itself (the homepage, not a specific application):
nmap -sV ; script ssl-enum-ciphers -p 443 www.hackthissite.org
Read now
Unlock full access