Nmap Development mailing list archives
PR 2278 - improvement on script ssl-enum-ciphers
From: Sulidi Maimaitiming <smaimaitiming () gmail com>
Date: Fri, 26 Mar 2021 17:12:14 +0100
Hi Nmap team, I have been using the ssl-enum-ciphers script to detect the presence of weak tls protocols and ciphers and it is a great tool. However I've noticed many ciphers are rated A for cipher strength (while they are flagged as weak on SSL Labs for instance), and then I realised there was a list of warnings aggregated at the port level. Plus the aggregated output is not always consistent... I opened a PR on GitHub (https://github.com/nmap/nmap/pull/2278) to propose a change adding a warning per cipher if it is weak or insecure. This is the first time I contribute to Nmap so I'd love to have some feedback on my PR! Thank you, Sulidi Maimaitiming
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- PR 2278 - improvement on script ssl-enum-ciphers Sulidi Maimaitiming (Mar 26)