SSLyze v0.8
nabla-c0d3
released this
30 Dec 20:00
·
120 commits
to master
since this release
Changelog
- Additional certificate chain validation using the Apple, Microsoft and Java trust stores in addition to Mozilla's
- Added support for StartTLS RDP; see --starttls=rdp
- Greatly improved the reliability and accuracy of scan results by adding an exponential backoff algorithm to retry failed network connections. This will especially impact scans against servers that stop properly answering after several concurrent connections have already been opened. The number of retry attempts can be controlled using --nb_retries
- Bug fixes including:
- Better results when the server requested a client certificate but none was supplied
- Clarified text and XML output
- Better HTTP Strict Transport Security plugin
- Fixed PluginCompression false negatives