How to setup BurpSuite Jython environment (Burp Extender)
SSL Scanner
This extension enables Burp to scan for SSL vulnerabilities.
Most of the testing logic are from testssl.sh. Heartbleed test and CCS Injection test code are modified from a2sv.
Vulnerabilities:
SSLv2 and SSLv3 connectivity
Heartbleed
CCS Injection
TLS_FALLBACK_SCSV support
POODLE (SSLv3)
Sweet32
DROWN
FREAK
LUCKY13
CRIME (TLS Compression)
BEAST
Check for weak ciphers
BREACH
Logjam
Author Pattara Teerapong and Meatasit Karakate
Version 1.2
Rating
Popularity
Last updated 15 August 2018
This extension enables Burp to scan for SSL vulnerabilities.
Most of the testing logic are from testssl.sh. Heartbleed test and CCS Injection test code are modified from a2sv.
Vulnerabilities:
SSLv2 and SSLv3 connectivity
Heartbleed
CCS Injection
TLS_FALLBACK_SCSV support
POODLE (SSLv3)
Sweet32
DROWN
FREAK
LUCKY13
CRIME (TLS Compression)
BEAST
Check for weak ciphers
BREACH
Logjam
Author Pattara Teerapong and Meatasit Karakate
Version 1.2
Rating
Popularity
Last updated 15 August 2018
No comments