-------- Features -------- SSH ^^^ Differentiators """"""""""""""" - checks supported Diffie-Hellman (group exchange) key sizes - checks supported host certificates, X.509 certificates and chains - analyzes server protocol version string to identify application server vendor and version Versions """""""" - `SSH 2.0 `__ Analyzers """"""""" Supported analyzers by cryptographic protocol versions +-------------------------------------------------------------+---------+ | Analyzers | SSH 2.0 | +=============================================================+=========+ | Cipher Suites (``ciphers``) | ✓ | +-------------------------------------------------------------+---------+ | Diffie-Hellman parameters (``dhparams``) | ✓ | +-------------------------------------------------------------+---------+ | Host Keys, Host/X.509 Certificates and Chains (``pubkeys``) | ✓ | +-----------------------------------------------------------------------+ | Vulnerabilities (``vulns``) | ✓ | +-------------------------------------------------------------+---------+ Vulnerabilities """"""""""""""" - `D(HE)at attack `__ - `Terrapin attack `__ - `Logjam attack `__ - `RC4 ciphers `__ - `Sweet32 attack `__ - `anonymous Diffie-Hellman ciphers `__ - `early SSH versions `__ - `non-forward-secret ciphers `__ - `null encryption ciphers `__ SSL/TLS ^^^^^^^ Differentiators """"""""""""""" - checks 10+ application layer protocols with `opportunistic TLS `__ capability - checks 400+ cipher suites, more than discussed on `ciphersuite.info `__, or supported by `GnuTls `__, `LibreSSL `__, `OpenSSL `__, or `wolfSSL `__ - checks `GOST `__ (national standards of the Russian Federation and CIS countries) cipher suites - checks `post-quantum `__ elliptic curves (`Kyber `__) - checks TLS 1.3 draft versions, not just finnal version - checks whether Diffie-Hellman - public parameter is a `safe prime `__ - public parameter is defined in an RFC (e.g., FFDHE, MODP) or used by an application server as a builtin parameter - key exchange supports `RFC 7919 `__ (FFDHE) - key is `reused `__ Analyzers """"""""" Supported analyzers by cryptographic protocol versions +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | Analyzers | SSL | TLS | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | | 2.0 | 3.0 | 1.0 | 1.1 | 1.2 | 1.3 | +===========================================+=====+=====+=====+=====+=====+=====+ | Cipher Suites (``ciphers``) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | X.509 Public Keys (``pubkeys``) | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | X.509 Public Keys Request (``pubkeyreq``) | n/a | ✓ | ✓ | ✓ | ✓ | ✗ | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | Elliptic-Curves (``curves``) | n/a | n/a | ✓ | ✓ | ✓ | ✓ | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | Diffie-Hellman parameters (``dhparams``) | n/a | n/a | ✓ | ✓ | ✓ | ✓ | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | Signature Algorithms (``sigalgos``) | n/a | n/a | n/a | ✓ | ✓ | ✓ | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | Extensions (``extensions``) | n/a | n/a | n/a | n/a | ✓ | ✓ | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | Vulnerabilities (``vulns``) | n/a | n/a | n/a | n/a | n/a | n/a | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ | Simulations (``simulations``) | n/a | n/a | n/a | n/a | n/a | n/a | +-------------------------------------------+-----+-----+-----+-----+-----+-----+ Versions """""""" - Transport Layer - Secure Socket Layer (SSL) - `SSL 2.0 `__ - `SSL 3.0 `__ - Transport Layer Security (TLS) - `TLS 1.0 `__ - `TLS 1.1 `__ - `TLS 1.2 `__ - `TLS 1.3 `__ - Application Layer - `FTP `__ - `IMAP `__ - `LDAP `__ - `LMTP `__ - `MySQL `__ - `NNTP `__ - `OpenVPN `__ - `POP3 `__ - `PostgreSQL `__ - `RDP `__ - `Sieve `__ - `SMTP `__ - `XMPP (Jabber) `__ `Opportunistic TLS `__ or STARTTLS) is an extension of an application layer protocol, whichs offer a way to upgrade a plain text connection to an encrypted ione without using a separate port. Curves """""" - check `post-quantum `__ (PQC) algorithms | ``KYBER_512_R3``, ``KYBER_768_R3``, ``KYBER_1024_R3``, | ``SECP256R1_KYBER_512_R3``, ``SECP256R1_KYBER_768_R3``, | ``SECP384R1_KYBER_768_R3``, ``SECP521R1_KYBER_1024_R3``, | ``X25519_KYBER_512_R3``, ``X25519_KYBER_768_R3`` Extensions """""""""" - `application-layer protocol negotiation `__ - `encrypt-then-MAC `__ - `extended master secret `__ - `next protocols negotiation `__ - `renegotiation indication `__ - `session ticket `__ - `inetrnal clock accuracy `__ Public Keys """"""""""" - validation against notable trusted root CA certificates stores - `Apple `__ - `Google `__ - `Microsoft `__ - `Mozilla `__ - revocation check - `certificate Revocation List (CRL) `__ - `certificate status (OCSP, OCSP stapling) `__ - extensions - `TLS feature `__ (e.g. OCSP must staple) - `extended validation `__ - `certificate transparency (CT) `__ - timestamp information - transparency log information Vulnerabilities """"""""""""""" - `D(HE)at attack `__ - `DROWN attack `__ - `FREAK attack `__ - `Logjam attack `__ - `Lucky Thirteen attack `__ - `RC4 ciphers `__ - `Sweet32 attack `__ - `anonymous Diffie-Hellman ciphers `__ - `inappropriate version fallback `__ - `early TLS versions `__ - `insecure SSL versions `__ - `export grade ciphers `__ - `non-forward-secret ciphers `__ - `null encryption ciphers `__ Simulated Clients """"""""""""""""" - TLS - `Chromium `__ - `Firefox `__ - `Opera `__ Fingerprinting """""""""""""" 1. generates `JA3 tag `__ of any connecting TLS client independently from its type (graphical/cli, browser/email client/...) - `FTP `__ - `LDAP `__ - `LMTP `__ - `MySQL `__ - `NNTP `__ - `OpenVPN `__ - `POP3 `__ - `PostgreSQL `__ - `RDP `__ - `Sieve `__ - `SMTP `__ 2. decodes existing `JA3 tags `__ by showing human-readable format of the TLS parameters represented by the tag 3. generates `HASSH tag `__) of SSH clients Hypertext Transfer Protocol (HTTP) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Analyzers """"""""" Headers """"""" - generic headers - `Content-Type `__ - `NEL `__ (Network Error Logging) - `Server `__ - `Set-Cookie `__ - caching headers - `Age `__ - `Cache-Control `__ - `Date `__ - `ETag `__ - `Expires `__ - `Last-Modified `__ - `Pragma `__ - security headers - `Content Security Policy `__ (CSP) - `Content-Security-Policy-Report-Only `__ - `Expect-CT `__ - `Expect-Staple `__ - `HTTP Public Key Pinning `__ (HPKP) - `Referrer-Policy `__ - `Strict-Transport-Security `__ - `X-Content-Type-Options `__ - `X-Frame-Options `__ - `X-XSS-Protection `__ DNS ^^^ Differentiators """"""""""""""" - extract (public key) and analyze (key type, size) DNSSEC signing keys Analyzers """"""""" - e-mail authentication, reporting related records - `Domain-based Message Authentication, Reporting, and Conformance `__ (DMARC) - `Sender Policy Framework `__ (SPF) - `SMTP MTA Strict Transport Security `__ (MTA-STS) - `SMTP TLS Reporting `__ (TLSRPT) - `DNSSEC `__ records - `DNSKEY `__ - `DS `__ - `RRSIG `__