Hello readers, welcome back to another post and today we are going to take a look at the tool sslscan which lets you query SSL services like HTTPS and SMTP to know what ciphers are supported.
This post is for educational uses only and it is used to show you one blackhat hacker could gather recon on your site. We don’t hold responsibility for any actions you may perform with this tool!!
HOw to use sslscan
Right first we wanna look at the commands, for this type sslscan -h into your terminal
Wow there are allot of commands, shows how useful and dangerous this tool could be in the hands of blackhats.
Performing a scan
Now we are going to do a scan on a simple website, here it is –
Now I have typed sslscan –show-certificates –show-ciphers intrex.com
You must remember that the arguments go before the target, you can also use ips with this tool. Now what these operations do are fun, –show certificates basically shows full information on the sites certificates and –show-ciphers show the supported client ciphers. Now there are many things you can do with this tool and we can’t show them all as you can explore for yourself.
After scanning is done it will show a whole load of information and we won’t show an image of it for legal reasons.
I hope you enjoyed this post!!
Stick around for more posts on amazing tools like this one! Thanks for reading