sslscan

Scan server

$ sslscan [example.com]

$ sslscan [example.com:8443]

$ sslscan --no-ciphersuites [example.com]

$ sslscan --show-certificate [example.com]

$ sslscan --no-colour [example.com]

$ sslscan --starttls-smtp [mail.example.com:25]

$ sslscan --xml=[output.xml] [example.com]

$ sslscan --tlsall [example.com]

sslscan [--show-certificate] [--starttls-protocol] [--xml file] [options] host[:port]

sslscan tests SSL/TLS services for configuration issues. It identifies supported ciphers, protocols, and certificate problems.
The scan shows which TLS versions are enabled. Legacy protocols (SSLv2, SSLv3, TLS 1.0, TLS 1.1) are security concerns.
Cipher testing reveals weak algorithms. Export-grade, NULL, and RC4 ciphers are flagged. Color coding highlights problems.
Certificate inspection shows expiry, chain, and trust issues. It identifies self-signed, expired, or incorrectly configured certificates.
STARTTLS support enables testing mail servers and other services that upgrade connections to TLS.
Results help remediate server configurations. Compare against security standards and best practices.

--show-certificate

Show certificate details.

Skip cipher listing.

Disable colors.

XML output.

STARTTLS for SMTP.

STARTTLS for IMAP.

STARTTLS for POP3.

STARTTLS for FTP.

Test specific versions.

Test all TLS versions.

No version fallback.

SNI hostname.

Enable SSL bug workarounds.

Requires network access to target. Some servers rate-limit scans. Results depend on client capabilities. Cannot test client certs.

sslscan was originally written by Ian Ventura-Whiting around 2007. It was later forked and actively maintained by rbsec to support modern TLS features and protocols.

nmap(1), openssl(1), testssl(1), sslyze(1)