cipherscan
cipherscan copied to clipboard
oparoz
A very simple way to find out which SSL ciphersuites are supported by a target.
It's probably better to leave the column empty than to print "None" in the PFS column
When matching a target to a name in the list of names contained in the certificate, the script should be able to understand IDN.
It should be possible to match accounts.google.nl to the *.google.nl alt name. I'm thinking... - convert any sub to a * - test to see if that name exists in...
There is no need to go through the whole list of alternative names, I just need to quickly see if the found CN is in there
If the SNI switch is activated, the script should check if the target is an IP, and if it's the case, print a warning and stop.