diff --git a/docs/documentation/.buildinfo b/docs/documentation/.buildinfo index b1647912..e8d899af 100644 --- a/docs/documentation/.buildinfo +++ b/docs/documentation/.buildinfo @@ -1,4 +1,4 @@ # Sphinx build info version 1 # This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done. -config: 97b3451be6c04378175579402a82d6be +config: 710e1f17bd6b1026352fe79ab79c95d4 tags: 645f666f9bcd5a90fca523b33c5a78b7 diff --git a/docs/documentation/_static/documentation_options.js b/docs/documentation/_static/documentation_options.js index 54adbea3..86d47bd6 100644 --- a/docs/documentation/_static/documentation_options.js +++ b/docs/documentation/_static/documentation_options.js @@ -1,6 +1,6 @@ var DOCUMENTATION_OPTIONS = { URL_ROOT: document.getElementById("documentation_options").getAttribute('data-url_root'), - VERSION: '5.0.3', + VERSION: '5.0.6', LANGUAGE: 'None', COLLAPSE_INDEX: false, BUILDER: 'html', diff --git a/docs/documentation/available-scan-commands.html b/docs/documentation/available-scan-commands.html index 7c138ff3..81c8b912 100644 --- a/docs/documentation/available-scan-commands.html +++ b/docs/documentation/available-scan-commands.html @@ -6,7 +6,7 @@ - Appendix: Scan Commands — SSLyze 5.0.3 documentation + Appendix: Scan Commands — SSLyze 5.0.6 documentation @@ -525,7 +525,7 @@

Result class
-ev_oids: Optional[List[cryptography.hazmat._oid.ObjectIdentifier]] = None
+ev_oids: Optional[List[ObjectIdentifier]] = None
@@ -1441,7 +1441,7 @@

Quick search

- ©Copyright 2021 Alban Diquet. + ©Copyright 2022 Alban Diquet. | Powered by Sphinx 4.4.0 diff --git a/docs/documentation/genindex.html b/docs/documentation/genindex.html index bc79f4ee..dd26bc72 100644 --- a/docs/documentation/genindex.html +++ b/docs/documentation/genindex.html @@ -5,7 +5,7 @@ - Index — SSLyze 5.0.3 documentation + Index — SSLyze 5.0.6 documentation @@ -640,7 +640,7 @@

Quick search

- ©Copyright 2021 Alban Diquet. + ©Copyright 2022 Alban Diquet. | Powered by Sphinx 4.4.0 diff --git a/docs/documentation/index.html b/docs/documentation/index.html index c6f1ff4d..d9087d86 100644 --- a/docs/documentation/index.html +++ b/docs/documentation/index.html @@ -6,7 +6,7 @@ - SSLyze — SSLyze 5.0.3 documentation + SSLyze — SSLyze 5.0.6 documentation @@ -34,7 +34,7 @@

SSLyze

-

Release 5.0.3

+

Release 5.0.6

https://pepy.tech/badge/sslyze https://img.shields.io/pypi/l/sslyze.svg https://img.shields.io/pypi/pyversions/sslyze.svg @@ -85,7 +85,9 @@

Exporting and processing scan results in
@@ -181,7 +183,7 @@

Quick search

- ©Copyright 2021 Alban Diquet. + ©Copyright 2022 Alban Diquet. | Powered by Sphinx 4.4.0 diff --git a/docs/documentation/json-output.html b/docs/documentation/json-output.html index f0103586..2e378b3d 100644 --- a/docs/documentation/json-output.html +++ b/docs/documentation/json-output.html @@ -6,7 +6,7 @@ - Exporting and processing scan results in JSON — SSLyze 5.0.3 documentation + Exporting and processing scan results in JSON — SSLyze 5.0.6 documentation @@ -39,16 +39,39 @@

Exporting and processing scan results in JSON./json_output_schema.json.

-
-

JSON output when using the CLI

+
+

Exporting results to JSON when using the CLI

When using the CLI, the scan results can be exported to a JSON file using the --json_out option:

$ python -m sslyze www.google.com www.facebook.com --json_out=result.json
-

The generated JSON file can then be parsed using the SslyzeOutputAsJson.from_file() method:

-
def example_json_result_parsing() -> None:
+
The generated JSON file can then be parsed, as described in the “Parsing the JSON output” section.

+
+
+

Exporting results to JSON when using the API

+

When using the API, the scan results can be exported to a JSON file using the SslyzeOutputAsJson.from_orm() method:

+
def example_json_result_output(
+    json_file_out: Path,
+    all_server_scan_results: List[ServerScanResult],
+    date_scans_started: datetime,
+    date_scans_completed: datetime,
+) -> None:
+    json_output = SslyzeOutputAsJson(
+        server_scan_results=[ServerScanResultAsJson.from_orm(result) for result in all_server_scan_results],
+        invalid_server_strings=[],  # Not needed here - specific to the CLI interface
+        date_scans_started=date_scans_started,
+        date_scans_completed=date_scans_completed,
+    )
+    json_output_as_str = json_output.json(sort_keys=True, indent=4, ensure_ascii=True)
+    json_file_out.write_text(json_output_as_str)
+
+
+
+
+

Parsing the JSON output

+

A JSON results file generated by SSLyze can then be parsed using the SslyzeOutputAsJson.from_file() method:

+
def example_json_result_parsing(results_as_json_file: Path) -> None:
     # SSLyze scan results serialized to JSON were saved to this file using --json_out
-    results_as_json_file = Path(__file__).parent / "tests" / "json_tests" / "sslyze_output.json"
     results_as_json = results_as_json_file.read_text()
 
     # These results can be parsed
@@ -102,7 +125,9 @@ 
Navigation

 
 
@@ -142,7 +167,7 @@ 
Quick search
- ©Copyright 2021 Alban Diquet. + ©Copyright 2022 Alban Diquet. | Powered by Sphinx 4.4.0 diff --git a/docs/documentation/objects.inv b/docs/documentation/objects.inv index 86e70458..2c784c1a 100644 Binary files a/docs/documentation/objects.inv and b/docs/documentation/objects.inv differ diff --git a/docs/documentation/py-modindex.html b/docs/documentation/py-modindex.html index cfc0c37d..5512ac80 100644 --- a/docs/documentation/py-modindex.html +++ b/docs/documentation/py-modindex.html @@ -5,7 +5,7 @@ - Python Module Index — SSLyze 5.0.3 documentation + Python Module Index — SSLyze 5.0.6 documentation @@ -112,7 +112,7 @@

Quick search

- ©Copyright 2021 Alban Diquet. + ©Copyright 2022 Alban Diquet. | Powered by Sphinx 4.4.0 diff --git a/docs/documentation/running-a-scan-in-python.html b/docs/documentation/running-a-scan-in-python.html index 3dceb6ca..93bb0dd0 100644 --- a/docs/documentation/running-a-scan-in-python.html +++ b/docs/documentation/running-a-scan-in-python.html @@ -6,7 +6,7 @@ - Running a Scan in Python — SSLyze 5.0.3 documentation + Running a Scan in Python — SSLyze 5.0.6 documentation @@ -81,6 +81,9 @@

Overview

A full example of running a scan on a couple servers follow:

def main() -> None:
+    print("=> Starting the scans")
+    date_scans_started = datetime.utcnow()
+
     # First create the scan requests for each server that we want to scan
     try:
         all_scan_requests = [
@@ -97,7 +100,9 @@ 
Full Examplescanner.queue_scans(all_scan_requests)
 
     # And retrieve and process the results for each server
+    all_server_scan_results = []
     for server_scan_result in scanner.get_results():
+        all_server_scan_results.append(server_scan_result)
         print(f"\n\n****Results for {server_scan_result.server_location.hostname}****")
 
         # Were we able to connect to the server and run the scan?
@@ -150,6 +155,17 @@ 
Full Examplef"{leaf_cert.public_key().__class__.__name__}: {leaf_cert.subject.rfc4514_string()}"
                     f" (Serial: {leaf_cert.serial_number})"
                 )
+
+        # etc... Other scan command results to process are in server_scan_result.scan_result
+
+    # Lastly, save the all the results to a JSON file
+    json_file_out = Path(f"api_sample_results.json")
+    print(f"\n\n=> Saving scan results to {json_file_out}")
+    example_json_result_output(json_file_out, all_server_scan_results, date_scans_started, datetime.utcnow())
+
+    # And ensure we are able to parse them
+    print(f"\n\n=> Parsing scan results from {json_file_out}")
+    example_json_result_parsing(json_file_out)
@@ -814,7 +830,7 @@

Quick search

- ©Copyright 2021 Alban Diquet. + ©Copyright 2022 Alban Diquet. | Powered by Sphinx 4.4.0 diff --git a/docs/documentation/search.html b/docs/documentation/search.html index 0df5de21..77cd2c01 100644 --- a/docs/documentation/search.html +++ b/docs/documentation/search.html @@ -5,7 +5,7 @@ - Search — SSLyze 5.0.3 documentation + Search — SSLyze 5.0.6 documentation @@ -113,7 +113,7 @@

Related Topics

- ©Copyright 2021 Alban Diquet. + ©Copyright 2022 Alban Diquet. | Powered by Sphinx 4.4.0 diff --git a/docs/documentation/searchindex.js b/docs/documentation/searchindex.js index 36044973..ab748707 100644 --- a/docs/documentation/searchindex.js +++ b/docs/documentation/searchindex.js @@ -1 +1 @@ -Search.setIndex({docnames:["available-scan-commands","index","json-output","running-a-scan-in-python"],envversion:{"sphinx.domains.c":2,"sphinx.domains.changeset":1,"sphinx.domains.citation":1,"sphinx.domains.cpp":4,"sphinx.domains.index":1,"sphinx.domains.javascript":2,"sphinx.domains.math":2,"sphinx.domains.python":3,"sphinx.domains.rst":2,"sphinx.domains.std":2,sphinx:56},filenames:["available-scan-commands.rst","index.rst","json-output.rst","running-a-scan-in-python.rst"],objects:{"":[[0,0,0,"-","sslyze"]],"sslyze.CertificateDeploymentAnalysisResult":[[0,2,1,"","leaf_certificate_has_must_staple_extension"],[0,2,1,"","leaf_certificate_is_ev"],[0,2,1,"","leaf_certificate_signed_certificate_timestamps_count"],[0,2,1,"","leaf_certificate_subject_matches_hostname"],[0,2,1,"","ocsp_response"],[0,2,1,"","ocsp_response_is_trusted"],[0,2,1,"","path_validation_results"],[0,2,1,"","received_certificate_chain"],[0,2,1,"","received_chain_contains_anchor_certificate"],[0,2,1,"","received_chain_has_valid_order"],[0,2,1,"","verified_certificate_chain"],[0,2,1,"","verified_chain_has_legacy_symantec_anchor"],[0,2,1,"","verified_chain_has_sha1_signature"]],"sslyze.CertificateInfoExtraArgument":[[0,2,1,"","custom_ca_file"]],"sslyze.CertificateInfoScanResult":[[0,2,1,"","certificate_deployments"],[0,2,1,"","hostname_used_for_server_name_indication"]],"sslyze.CipherSuitesScanResult":[[0,2,1,"","accepted_ciphers"],[0,2,1,"","rejected_ciphers"],[0,2,1,"","tls_version_used"]],"sslyze.ClientAuthenticationCredentials":[[3,2,1,"","certificate_chain_path"],[3,2,1,"","key_password"],[3,2,1,"","key_path"],[3,2,1,"","key_type"]],"sslyze.CompressionScanResult":[[0,2,1,"","supports_compression"]],"sslyze.EarlyDataScanResult":[[0,2,1,"","supports_early_data"]],"sslyze.EllipticCurve":[[0,2,1,"","name"],[0,2,1,"","openssl_nid"]],"sslyze.ExpectCtHeader":[[0,2,1,"","enforce"]],"sslyze.FallbackScsvScanResult":[[0,2,1,"","supports_fallback_scsv"]],"sslyze.HeartbleedScanResult":[[0,2,1,"","is_vulnerable_to_heartbleed"]],"sslyze.HttpHeadersScanResult":[[0,2,1,"","expect_ct_header"],[0,2,1,"","http_error_trace"],[0,2,1,"","http_path_redirected_to"],[0,2,1,"","http_request_sent"],[0,2,1,"","strict_transport_security_header"]],"sslyze.OpenSslCcsInjectionScanResult":[[0,2,1,"","is_vulnerable_to_ccs_injection"]],"sslyze.OpenSslFileTypeEnum":[[3,2,1,"","ASN1"],[3,2,1,"","PEM"]],"sslyze.PathValidationResult":[[0,2,1,"","openssl_error_string"],[0,2,1,"","trust_stores"],[0,2,1,"","verified_certificate_chain"],[0,2,1,"","was_validation_successful"]],"sslyze.ProtocolWithOpportunisticTlsEnum":[[3,2,1,"","FTP"],[3,2,1,"","IMAP"],[3,2,1,"","LDAP"],[3,2,1,"","POP3"],[3,2,1,"","POSTGRES"],[3,2,1,"","RDP"],[3,2,1,"","SMTP"],[3,2,1,"","XMPP"],[3,2,1,"","XMPP_SERVER"],[3,3,1,"","from_default_port"]],"sslyze.RobotScanResult":[[0,2,1,"","result"]],"sslyze.RobotScanResultEnum":[[0,2,1,"id8","NOT_VULNERABLE_NO_ORACLE"],[0,2,1,"id9","NOT_VULNERABLE_RSA_NOT_SUPPORTED"],[0,2,1,"id10","UNKNOWN_INCONSISTENT_RESULTS"],[0,2,1,"id7","VULNERABLE_STRONG_ORACLE"],[0,2,1,"id6","VULNERABLE_WEAK_ORACLE"]],"sslyze.ScanCommand":[[0,2,1,"","CERTIFICATE_INFO"],[0,2,1,"","ELLIPTIC_CURVES"],[0,2,1,"","HEARTBLEED"],[0,2,1,"","HTTP_HEADERS"],[0,2,1,"","OPENSSL_CCS_INJECTION"],[0,2,1,"","ROBOT"],[0,2,1,"","SESSION_RENEGOTIATION"],[0,2,1,"","SESSION_RESUMPTION"],[0,2,1,"","SSL_2_0_CIPHER_SUITES"],[0,2,1,"","SSL_3_0_CIPHER_SUITES"],[0,2,1,"","TLS_1_0_CIPHER_SUITES"],[0,2,1,"","TLS_1_1_CIPHER_SUITES"],[0,2,1,"","TLS_1_2_CIPHER_SUITES"],[0,2,1,"","TLS_1_3_CIPHER_SUITES"],[0,2,1,"","TLS_1_3_EARLY_DATA"],[0,2,1,"","TLS_COMPRESSION"],[0,2,1,"","TLS_FALLBACK_SCSV"]],"sslyze.ScanCommandAttempt":[[3,2,1,"","error_reason"],[3,2,1,"","error_trace"],[3,2,1,"","result"],[3,2,1,"","status"]],"sslyze.ScanCommandErrorReasonEnum":[[3,2,1,"","BUG_IN_SSLYZE"],[3,2,1,"","CLIENT_CERTIFICATE_NEEDED"],[3,2,1,"","CONNECTIVITY_ISSUE"],[3,2,1,"","WRONG_USAGE"]],"sslyze.ServerNetworkConfiguration":[[3,2,1,"","network_max_retries"],[3,2,1,"","network_timeout"],[3,2,1,"","tls_client_auth_credentials"],[3,2,1,"","tls_server_name_indication"],[3,2,1,"","tls_wrapped_protocol"],[3,2,1,"","xmpp_to_hostname"]],"sslyze.ServerNetworkLocation":[[3,2,1,"","connection_type"],[3,2,1,"","hostname"],[3,2,1,"","http_proxy_settings"],[3,2,1,"","ip_address"],[3,2,1,"","port"]],"sslyze.ServerScanResult":[[3,2,1,"","connectivity_error_trace"],[3,2,1,"","connectivity_result"],[3,2,1,"","connectivity_status"],[3,2,1,"","network_configuration"],[3,2,1,"","scan_result"],[3,2,1,"","scan_status"],[3,2,1,"","server_location"],[3,2,1,"","uuid"]],"sslyze.SessionRenegotiationScanResult":[[0,2,1,"","accepts_client_renegotiation"],[0,2,1,"","supports_secure_renegotiation"]],"sslyze.SessionResumptionSupportExtraArgument":[[0,2,1,"","number_of_resumptions_to_attempt"]],"sslyze.SessionResumptionSupportScanResult":[[0,2,1,"","session_id_attempted_resumptions_count"],[0,2,1,"","session_id_resumption_result"],[0,2,1,"","session_id_successful_resumptions_count"],[0,2,1,"","tls_ticket_attempted_resumptions_count"],[0,2,1,"","tls_ticket_resumption_result"],[0,2,1,"","tls_ticket_successful_resumptions_count"]],"sslyze.StrictTransportSecurityHeader":[[0,2,1,"","include_subdomains"],[0,2,1,"","max_age"],[0,2,1,"","preload"]],"sslyze.SupportedEllipticCurvesScanResult":[[0,2,1,"","rejected_curves"],[0,2,1,"","supported_curves"],[0,2,1,"","supports_ecdh_key_exchange"]],"sslyze.TlsResumptionSupportEnum":[[0,2,1,"","FULLY_SUPPORTED"],[0,2,1,"","NOT_SUPPORTED"],[0,2,1,"","PARTIALLY_SUPPORTED"],[0,2,1,"","SERVER_IS_TLS_1_3_ONLY"]],"sslyze.TlsVersionEnum":[[0,2,1,"","SSL_2_0"],[0,2,1,"","SSL_3_0"],[0,2,1,"","TLS_1_0"],[0,2,1,"","TLS_1_1"],[0,2,1,"","TLS_1_2"],[0,2,1,"","TLS_1_3"]],"sslyze.TrustStore":[[0,2,1,"","ev_oids"],[0,3,1,"","is_certificate_extended_validation"],[0,2,1,"id1","name"],[0,2,1,"id0","path"],[0,2,1,"id2","version"]],sslyze:[[3,1,1,"","AllScanCommandsAttempts"],[0,1,1,"","CertificateDeploymentAnalysisResult"],[0,1,1,"","CertificateInfoExtraArgument"],[0,1,1,"","CertificateInfoScanResult"],[0,1,1,"","CipherSuite"],[0,1,1,"","CipherSuiteAcceptedByServer"],[0,1,1,"","CipherSuiteRejectedByServer"],[0,1,1,"","CipherSuitesScanResult"],[3,1,1,"","ClientAuthenticationCredentials"],[0,1,1,"","CompressionScanResult"],[0,1,1,"","EarlyDataScanResult"],[0,1,1,"","EllipticCurve"],[0,1,1,"","EphemeralKeyInfo"],[0,1,1,"","ExpectCtHeader"],[0,1,1,"","FallbackScsvScanResult"],[0,1,1,"","HeartbleedScanResult"],[0,1,1,"","HttpHeadersScanResult"],[0,1,1,"","OpenSslCcsInjectionScanResult"],[3,1,1,"","OpenSslFileTypeEnum"],[0,1,1,"","PathValidationResult"],[3,1,1,"","ProtocolWithOpportunisticTlsEnum"],[0,1,1,"","RobotScanResult"],[0,1,1,"","RobotScanResultEnum"],[0,1,1,"","ScanCommand"],[3,1,1,"","ScanCommandAttempt"],[3,1,1,"","ScanCommandErrorReasonEnum"],[3,1,1,"","Scanner"],[3,1,1,"","ServerConnectivityStatusEnum"],[3,1,1,"","ServerNetworkConfiguration"],[3,1,1,"","ServerNetworkLocation"],[3,1,1,"","ServerScanRequest"],[3,1,1,"","ServerScanResult"],[3,1,1,"","ServerScanStatusEnum"],[3,1,1,"","ServerTlsProbingResult"],[0,1,1,"","SessionRenegotiationScanResult"],[0,1,1,"","SessionResumptionSupportExtraArgument"],[0,1,1,"","SessionResumptionSupportScanResult"],[0,1,1,"","StrictTransportSecurityHeader"],[0,1,1,"","SupportedEllipticCurvesScanResult"],[0,1,1,"","TlsResumptionSupportEnum"],[0,1,1,"","TlsVersionEnum"],[0,1,1,"","TrustStore"]]},objnames:{"0":["py","module","Python module"],"1":["py","class","Python class"],"2":["py","attribute","Python attribute"],"3":["py","method","Python method"]},objtypes:{"0":"py:module","1":"py:class","2":"py:attribute","3":"py:method"},terms:{"0":[0,1,2,3],"0224":0,"09":0,"1":[1,3],"10":[],"100":0,"2":[0,3],"2014":0,"2016":0,"2017":0,"26":0,"3":[1,3],"4":0,"443":3,"5":[0,1,3],"509":0,"6":0,"62":0,"64":[],"class":[1,2],"default":[0,3],"do":[2,3],"enum":0,"function":0,"import":3,"int":[0,3],"long":0,"public":1,"return":[0,3],"true":0,"try":[0,3],A:[0,2,3],And:3,By:3,For:0,If:[0,3],Is:0,It:3,NOT:3,No:3,Not:[],That:2,The:[0,1,2,3],Then:3,These:2,To:3,Will:0,_:[],__class__:3,__file__:2,__name__:3,_cert_chain_analyz:0,_oid:0,_print_failed_scan_command_attempt:[2,3],_resumption_with_id:0,_scancommandresulttypevar:3,abl:[0,3],about:3,accept:0,accepted_ciph:0,accepted_cipher_suit:[0,3],accepts_client_renegoti:0,access:1,accord:0,accur:0,across:1,act:0,activ:[],actual:3,ad:[],addit:0,address:3,after:[0,3],ag:0,against:[0,3],algorithm:0,alia:[],all:[0,2,3],all_scan_request:3,allow:3,allscancommandsattempt:3,also:[1,2],altern:0,an:[0,3],analysi:0,analyz:[0,1],anchor:0,ani:[0,1],annot:[2,3],ansi:0,api:[0,3],appendix:3,appl:0,applic:[],ar:[0,1,2,3],argument:3,arm:[],asn1:3,assert:[2,3],attack:[0,1],attempt:[0,3],attribut:3,auto:3,autom:3,automat:3,avail:[0,1,2,3],aw:[],back:0,bad:3,base:0,bashrc:[],battl:[],below:0,big:[],bit:[],blog:0,bool:[0,3],both:0,bug_in_sslyz:3,built:0,bytearrai:0,c0d3:[],ca:0,can:[0,1,2,3],cc:1,cd:[],cert_deploy:[2,3],certif:[1,2,3],certificate_chain_path:3,certificate_deploy:[0,2,3],certificate_info:[0,2,3],certificate_signatur:[],certificate_typ:[],certificatedeploymentanalysisresult:0,certificateinfoextraargu:0,certificateinfoscanattempt:3,certificateinfoscanresult:0,certinfo_attempt:[2,3],certinfo_result:[2,3],chain:0,check:[0,3],choic:[],cipher:[1,3],cipher_suit:[0,3],cipher_suite_support:3,ciphersuit:0,ciphersuiteacceptedbyserv:0,ciphersuiterejectedbyserv:0,ciphersuitesscanattempt:3,ciphersuitesscanresult:0,classmethod:3,cli:1,client:0,client_auth_requir:3,client_certificate_need:3,clientauthenticationcredenti:3,clientauthrequirementenum:3,clone:[],cloudflar:3,code:[2,3],com:[0,2,3],command:3,common:0,compat:0,compil:[],complet:3,compliant:[],compress:0,compressionscanattempt:3,compressionscanresult:0,concurr:3,concurrent_server_scans_limit:3,config:[],configur:[0,1,3],connect:[0,1,3],connection_typ:3,connectivity_error_trac:[2,3],connectivity_issu:3,connectivity_result:3,connectivity_statu:3,constant:3,contain:[0,2,3],continu:[1,2,3],control:3,copi:[],correspond:[0,3],could:[0,3],coupl:3,cover:[],creat:3,crime:1,cryptographi:0,ct:0,current:0,curv:1,custom:0,custom_ca_fil:0,cve:0,dai:[],data:1,date:0,decrypt:3,def:[2,3],depend:0,deploi:[0,3],deprec:0,describ:[0,3],descript:[],detail:3,detect:[0,1,3],determin:0,develop:[],devic:0,dh:0,did:0,differ:0,direct:[0,3],directli:3,distrust:0,docker:[],document:0,doe:0,downgrad:1,e:[],each:[0,3],earli:1,earlydatascanattempt:3,earlydatascanresult:0,easi:[1,2],easier:[2,3],easili:[],ec:0,ecdh:0,ecdsa:[],either:3,element:0,elif:3,ellipt:1,elliptic_curv:[0,3],elliptic_curves_plugin:0,ellipticcurv:0,els:2,emb:[],embed:0,en:0,enabl:0,encrypt:1,endpoint:1,enforc:0,engin:1,ensur:1,enumer:[0,3],ephemer:0,ephemeral_kei:0,ephemeralkeyinfo:0,error:[0,2,3],error_messag:0,error_no_connect:[2,3],error_reason:3,error_trac:3,essenti:0,establish:3,etc:[0,1],ev:0,ev_oid:0,eventu:0,everi:[0,3],everyth:3,exampl:[0,1],example_json_result_pars:2,except:3,exchang:0,execut:[],exist:0,exit:[],expect:[0,3],expect_ct_head:0,expectcthead:0,experiment:[],exploit:0,extend:0,extens:[0,3],extra:3,f:[2,3],facebook:[0,2],factori:3,fail:[0,2,3],fallbackscsvscanattempt:3,fallbackscsvscanresult:0,fashion:3,fast:1,feasibl:0,field:[0,2,3],figur:3,file:[0,2,3],fine:3,fingerprint_sha1:2,first:3,flag:[],focu:[],follow:[0,2,3],format:[0,3],forward:0,from:0,from_default_port:3,from_fil:2,ftp:3,full:1,fulli:[],fully_support:0,further:[1,2],g:[],gener:2,get:0,get_result:3,git:[],github:[],give:1,given:[0,3],googl:[0,2,3],grain:3,h:0,ha:3,handl:3,handshak:3,happen:3,have:[],hazmat:0,header:1,heartble:[1,3],heartbleedscanattempt:3,heartbleedscanresult:0,hello:3,help:[],helper:[1,2],higher:0,highest_tls_version_support:3,highlight:0,honor:0,hostnam:[0,2,3],hostname_used_for_server_name_ind:0,how:[0,1,3],html:0,http:[1,3],http_error_trac:0,http_header:[0,3],http_headers_plugin:0,http_path_redirected_to:0,http_proxy_set:3,http_request_s:0,httpheadersscanattempt:3,httpheadersscanresult:0,httpproxyset:3,human:0,hundr:[],id:[0,3],ie:3,ignor:2,imag:[],imap:3,implement:1,includ:[0,3],include_subdomain:0,includesubdomain:0,index:[0,1],indic:[0,3],info:3,inform:[1,3],ing:3,initi:0,inject:1,input:3,insecur:1,inspect:2,instal:0,instruct:1,intend:[],interfac:[],intermedi:0,intern:1,invalid:3,io:0,ip:3,ip_address:3,is_anonym:0,is_certificate_extended_valid:0,is_vulnerable_to_ccs_inject:0,is_vulnerable_to_client_renegotiation_do:0,is_vulnerable_to_heartble:0,issu:0,iter:3,its:0,json_out:2,json_output_schema:2,json_test:2,kei:[0,3],key_password:3,key_path:3,key_siz:0,key_typ:3,kind:[0,3],known:1,lambda:[],last:0,lastli:3,later:[],latest:0,ldap:3,leaf:[0,2],leaf_cert:3,leaf_certificate_has_must_staple_extens:0,leaf_certificate_is_ev:0,leaf_certificate_signed_certificate_timestamps_count:0,leaf_certificate_subject_matches_hostnam:0,least:0,leverag:[0,3],librari:1,like:[],line:[],linux:[],list:[0,3],local:0,look:3,lookup:3,m:2,maco:[],main:3,make:[1,2,3],map:3,match:0,max:0,max_ag:0,maxim:0,measur:0,mechan:0,messag:3,method:[2,3],misconfigur:1,model:3,modern:[],modul:[0,1,3],more:[0,3],most:0,mozilla:0,much:[],must:0,mutual:3,n:[2,3],nabla:[],nablac0d3:[],naccept:3,name:[0,3],nassl:3,need:3,negoti:0,nerror:3,network:3,network_configur:3,network_max_retri:3,network_timeout:3,next:0,nid_xxx:0,nleaf:3,non:3,none:[0,2,3],nor:0,not_support:0,not_vulnerable_no_oracl:0,not_vulnerable_rsa_not_support:0,number:[0,3],number_of_resumptions_to_attempt:0,obj_mac:0,object:[0,2,3],objectidentifi:0,observ:3,ocsp:0,ocsp_respons:0,ocsp_response_is_trust:0,ocsprespons:0,often:0,ok:[],old:0,older:0,onc:3,one:[0,3],onli:[0,3],openssl:[1,3],openssl_ccs_inject:[0,3],openssl_error_str:0,openssl_nam:0,openssl_nid:0,opensslccsinjectionscanattempt:3,opensslccsinjectionscanresult:0,opensslevppkeyenum:0,opensslfiletypeenum:3,operation:[],opportunist:3,option:[2,3],oracl:0,order:[0,1,3],org:[],other:[],otherwis:0,out:3,output:1,overal:0,overview:1,own:[],packag:0,page:[0,1],paramet:[0,3],parent:2,pars:[0,1,2],parse_raw:2,parsed_result:2,part:1,partially_support:0,pass:3,password:3,path:[0,2,3],path_validation_result:0,path_validation_result_list:0,pathlib:[0,3],pathvalidationresult:0,pem:[0,3],per_server_concurrent_connections_limit:3,perform:[0,3],pip:[],plaintext:3,platform:1,plugin:0,pool:3,pop3:3,pop:[],popul:3,port:[2,3],post:2,postgr:3,power:1,pre:[],preload:0,presenc:0,present:0,prevent:1,print:[2,3],privat:3,program:[1,2],project:[],protocol:3,protocolwithopportunistictlsenum:3,provid:[0,1,2,3],proxi:[0,3],public_byt:0,public_kei:3,pycharm:3,python:[0,2],quali:0,queue:3,queue_scan:3,ran:3,rang:1,rc:[],rdp:3,read_text:2,readabl:0,readm:1,real:0,reason:3,receiv:0,received_certificate_chain:[0,2,3],received_chain_contains_anchor_certif:0,received_chain_has_valid_ord:0,recommend:[],redirect:0,refer:0,regular:[],reject:0,rejected_ciph:0,rejected_cipher_suit:0,rejected_curv:0,relat:0,releas:[0,1],reliabl:[],renegoti:1,report:0,report_uri:0,repositori:2,repres:[0,3],request:[0,3],resolv:3,respons:[0,3],results_as_json:2,results_as_json_fil:2,resum:0,resumpt:1,retri:3,retriev:[0,3],rfc4514_string:3,right:0,rm:[],robot:[1,3],robot_result:0,robotscanattempt:3,robotscanresult:0,robotscanresultenum:0,root:0,rsa:0,run:0,s:[0,1,3],save:2,scan_command:3,scan_command_attempt:3,scan_commands_extra_argu:3,scan_result:[2,3],scan_statu:[2,3],scancommand:[0,3],scancommandattempt:3,scancommandattemptstatusenum:[2,3],scancommanderrorreasonenum:3,scancommandsextraargu:3,scanner:3,scannerobserv:3,scanresult:3,schema:2,sct:0,search:1,secg:0,second:3,section:0,secur:1,see:0,send:[0,3],sent:0,separ:[1,2],sequenc:3,serial:[1,2,3],serial_numb:3,server:[0,1,2,3],server_connect:[0,3],server_is_tls_1_3_onli:0,server_loc:[2,3],server_scan_result:[2,3],server_set:3,serverconnectivitystatusenum:3,serverhostnamecouldnotberesolv:3,servernetworkconfigur:3,servernetworkloc:3,serverscanrequest:3,serverscanresult:3,serverscanstatusenum:[2,3],servertlsprobingresult:3,session:1,session_id_attempted_resumptions_count:0,session_id_resumption_result:0,session_id_successful_resumptions_count:0,session_renegoti:[0,3],session_resumpt:[0,3],sessionrenegotiationscanattempt:3,sessionrenegotiationscanresult:0,sessionresumptionsupportextraargu:0,sessionresumptionsupportscanattempt:3,sessionresumptionsupportscanresult:0,set:[0,1],setuptool:[],sha1:2,sha256:[],sha256withrsaencrypt:[],sha384:[],sha512:[],sha:0,share:0,shell:[],shortcut:0,should:[0,3],show:[],sign:0,signatur:[],significantli:3,simpl:[],simpli:[],sinc:3,singl:3,site:[],size:0,smtp:3,so:[],some:[0,3],soon:3,sourc:[],specif:[0,3],speed:[],ssl2_attempt:3,ssl2_result:3,ssl:[0,1],ssl_2_0:0,ssl_2_0_cipher_suit:[0,3],ssl_3_0:0,ssl_3_0_cipher_suit:[0,3],ssl_client:3,ssl_filetype_xxx:3,ssllab:0,sslyze:[0,2,3],sslyze_output:2,sslyzeoutputasjson:2,standard:3,stapl:0,start:[],statu:[2,3],step:[],store:0,str:[0,3],stream:3,strict:0,strict_transport_security_head:0,stricttransportsecurityhead:0,string:0,strong:1,subject:[0,3],subsequ:0,succe:0,succeed:3,success:0,successfulli:3,suit:[1,3],suppli:[0,3],support:[1,3],supported_curv:0,supportedellipticcurvesscanattempt:3,supportedellipticcurvesscanresult:0,supports_compress:0,supports_early_data:0,supports_ecdh_key_exchang:[0,3],supports_fallback_scsv:0,supports_secure_renegoti:0,sur:[],sure:3,symantec:0,system:0,t:3,take:0,target1:[],target2:[],target3:[],termin:[],test:[0,1,2,3],therebi:[0,2],thi:[0,2,3],thousand:[],through:[0,3],ticket:0,timeout:3,timestamp:0,tl:1,tls1_3_attempt:3,tls1_3_result:3,tls_1_0:0,tls_1_0_cipher_suit:[0,3],tls_1_1:0,tls_1_1_cipher_suit:[0,3],tls_1_2:0,tls_1_2_cipher_suit:[0,3],tls_1_3:0,tls_1_3_cipher_suit:[0,3],tls_1_3_early_data:[0,3],tls_client_auth_credenti:3,tls_compress:[0,3],tls_ecdhe_rsa_with_aes_128_gcm_sha256:[],tls_ecdhe_rsa_with_aes_256_gcm_sha384:[],tls_ecdhe_rsa_with_chacha20_poly1305_sha256:[],tls_fallback_scsv:[0,3],tls_opportunistic_encrypt:3,tls_server_name_ind:3,tls_ticket_attempted_resumptions_count:0,tls_ticket_resumption_result:0,tls_ticket_successful_resumptions_count:0,tls_version:[],tls_version_us:0,tls_wrapped_protocol:3,tlsresumptionsupportenum:0,tlsv1:[],tlsversionenum:[0,3],too:0,tool:1,total:0,trace:3,traceback:[0,3],tracebackexcept:[0,3],transpar:0,transport:0,trust:0,trust_stor:0,truststor:0,tunnel:3,type:[0,2,3],typevar:3,unknown_inconsistent_result:0,up:3,upgrad:3,uri:0,us:[0,3],usag:[],uuid:3,valid:0,valu:[0,3],verifi:0,verified_certificate_chain:0,verified_chain_has_legacy_symantec_anchor:0,verified_chain_has_sha1_signatur:0,version:0,via:[0,3],vs:3,vulner:[0,1],vulnerable_strong_oracl:0,vulnerable_weak_oracl:0,wa:[0,3],wai:0,want:3,warn:[],was_validation_success:0,we:3,websit:0,were:[0,2,3],weren:3,what:3,wheel:[],when:[0,1,3],whether:[0,3],which:[0,3],why:3,window:[],within:[0,3],without:[0,3],worker:3,would:0,wrap:3,wrong_usag:3,www:2,x509:0,x86:[],x9:0,x:0,xmpp:3,xmpp_server:3,xmpp_to_hostnam:3,you:[],your:[],zero:[]},titles:["Appendix: Scan Commands","SSLyze","Exporting and processing scan results in JSON","Running a Scan in Python"],titleterms:{"1":0,"3":0,"class":[0,3],"export":[1,2],addit:3,api:1,appendix:[0,1],argument:0,authent:3,cc:0,cd:[],certif:0,ci:[],cipher:0,cli:2,client:3,code:[],command:[0,1],content:[0,1],crime:0,curv:0,data:0,docker:[],downgrad:0,earli:0,ellipt:0,enabl:3,etc:3,exampl:3,execut:[],featur:[],from:[],full:3,header:0,heartble:0,http:0,indic:1,inform:0,inject:0,insecur:0,instal:1,json:[1,2],kei:[],openssl:0,option:0,output:2,overview:3,pip:[],prevent:0,process:[1,2,3],python:[1,3],quick:1,renegoti:0,result:[0,1,2,3],resumpt:0,robot:0,run:[1,3],scan:[0,1,2,3],secur:0,session:0,set:3,sni:3,sourc:[],ssl:3,sslyze:1,start:[1,3],starttl:3,suit:0,support:0,tabl:1,tl:[0,3],us:[1,2],when:2,window:[]}}) \ No newline at end of file +Search.setIndex({docnames:["available-scan-commands","index","json-output","running-a-scan-in-python"],envversion:{"sphinx.domains.c":2,"sphinx.domains.changeset":1,"sphinx.domains.citation":1,"sphinx.domains.cpp":4,"sphinx.domains.index":1,"sphinx.domains.javascript":2,"sphinx.domains.math":2,"sphinx.domains.python":3,"sphinx.domains.rst":2,"sphinx.domains.std":2,sphinx:56},filenames:["available-scan-commands.rst","index.rst","json-output.rst","running-a-scan-in-python.rst"],objects:{"":[[0,0,0,"-","sslyze"]],"sslyze.CertificateDeploymentAnalysisResult":[[0,2,1,"","leaf_certificate_has_must_staple_extension"],[0,2,1,"","leaf_certificate_is_ev"],[0,2,1,"","leaf_certificate_signed_certificate_timestamps_count"],[0,2,1,"","leaf_certificate_subject_matches_hostname"],[0,2,1,"","ocsp_response"],[0,2,1,"","ocsp_response_is_trusted"],[0,2,1,"","path_validation_results"],[0,2,1,"","received_certificate_chain"],[0,2,1,"","received_chain_contains_anchor_certificate"],[0,2,1,"","received_chain_has_valid_order"],[0,2,1,"","verified_certificate_chain"],[0,2,1,"","verified_chain_has_legacy_symantec_anchor"],[0,2,1,"","verified_chain_has_sha1_signature"]],"sslyze.CertificateInfoExtraArgument":[[0,2,1,"","custom_ca_file"]],"sslyze.CertificateInfoScanResult":[[0,2,1,"","certificate_deployments"],[0,2,1,"","hostname_used_for_server_name_indication"]],"sslyze.CipherSuitesScanResult":[[0,2,1,"","accepted_ciphers"],[0,2,1,"","rejected_ciphers"],[0,2,1,"","tls_version_used"]],"sslyze.ClientAuthenticationCredentials":[[3,2,1,"","certificate_chain_path"],[3,2,1,"","key_password"],[3,2,1,"","key_path"],[3,2,1,"","key_type"]],"sslyze.CompressionScanResult":[[0,2,1,"","supports_compression"]],"sslyze.EarlyDataScanResult":[[0,2,1,"","supports_early_data"]],"sslyze.EllipticCurve":[[0,2,1,"","name"],[0,2,1,"","openssl_nid"]],"sslyze.ExpectCtHeader":[[0,2,1,"","enforce"]],"sslyze.FallbackScsvScanResult":[[0,2,1,"","supports_fallback_scsv"]],"sslyze.HeartbleedScanResult":[[0,2,1,"","is_vulnerable_to_heartbleed"]],"sslyze.HttpHeadersScanResult":[[0,2,1,"","expect_ct_header"],[0,2,1,"","http_error_trace"],[0,2,1,"","http_path_redirected_to"],[0,2,1,"","http_request_sent"],[0,2,1,"","strict_transport_security_header"]],"sslyze.OpenSslCcsInjectionScanResult":[[0,2,1,"","is_vulnerable_to_ccs_injection"]],"sslyze.OpenSslFileTypeEnum":[[3,2,1,"","ASN1"],[3,2,1,"","PEM"]],"sslyze.PathValidationResult":[[0,2,1,"","openssl_error_string"],[0,2,1,"","trust_stores"],[0,2,1,"","verified_certificate_chain"],[0,2,1,"","was_validation_successful"]],"sslyze.ProtocolWithOpportunisticTlsEnum":[[3,2,1,"","FTP"],[3,2,1,"","IMAP"],[3,2,1,"","LDAP"],[3,2,1,"","POP3"],[3,2,1,"","POSTGRES"],[3,2,1,"","RDP"],[3,2,1,"","SMTP"],[3,2,1,"","XMPP"],[3,2,1,"","XMPP_SERVER"],[3,3,1,"","from_default_port"]],"sslyze.RobotScanResult":[[0,2,1,"","result"]],"sslyze.RobotScanResultEnum":[[0,2,1,"id8","NOT_VULNERABLE_NO_ORACLE"],[0,2,1,"id9","NOT_VULNERABLE_RSA_NOT_SUPPORTED"],[0,2,1,"id10","UNKNOWN_INCONSISTENT_RESULTS"],[0,2,1,"id7","VULNERABLE_STRONG_ORACLE"],[0,2,1,"id6","VULNERABLE_WEAK_ORACLE"]],"sslyze.ScanCommand":[[0,2,1,"","CERTIFICATE_INFO"],[0,2,1,"","ELLIPTIC_CURVES"],[0,2,1,"","HEARTBLEED"],[0,2,1,"","HTTP_HEADERS"],[0,2,1,"","OPENSSL_CCS_INJECTION"],[0,2,1,"","ROBOT"],[0,2,1,"","SESSION_RENEGOTIATION"],[0,2,1,"","SESSION_RESUMPTION"],[0,2,1,"","SSL_2_0_CIPHER_SUITES"],[0,2,1,"","SSL_3_0_CIPHER_SUITES"],[0,2,1,"","TLS_1_0_CIPHER_SUITES"],[0,2,1,"","TLS_1_1_CIPHER_SUITES"],[0,2,1,"","TLS_1_2_CIPHER_SUITES"],[0,2,1,"","TLS_1_3_CIPHER_SUITES"],[0,2,1,"","TLS_1_3_EARLY_DATA"],[0,2,1,"","TLS_COMPRESSION"],[0,2,1,"","TLS_FALLBACK_SCSV"]],"sslyze.ScanCommandAttempt":[[3,2,1,"","error_reason"],[3,2,1,"","error_trace"],[3,2,1,"","result"],[3,2,1,"","status"]],"sslyze.ScanCommandErrorReasonEnum":[[3,2,1,"","BUG_IN_SSLYZE"],[3,2,1,"","CLIENT_CERTIFICATE_NEEDED"],[3,2,1,"","CONNECTIVITY_ISSUE"],[3,2,1,"","WRONG_USAGE"]],"sslyze.ServerNetworkConfiguration":[[3,2,1,"","network_max_retries"],[3,2,1,"","network_timeout"],[3,2,1,"","tls_client_auth_credentials"],[3,2,1,"","tls_server_name_indication"],[3,2,1,"","tls_wrapped_protocol"],[3,2,1,"","xmpp_to_hostname"]],"sslyze.ServerNetworkLocation":[[3,2,1,"","connection_type"],[3,2,1,"","hostname"],[3,2,1,"","http_proxy_settings"],[3,2,1,"","ip_address"],[3,2,1,"","port"]],"sslyze.ServerScanResult":[[3,2,1,"","connectivity_error_trace"],[3,2,1,"","connectivity_result"],[3,2,1,"","connectivity_status"],[3,2,1,"","network_configuration"],[3,2,1,"","scan_result"],[3,2,1,"","scan_status"],[3,2,1,"","server_location"],[3,2,1,"","uuid"]],"sslyze.SessionRenegotiationScanResult":[[0,2,1,"","accepts_client_renegotiation"],[0,2,1,"","supports_secure_renegotiation"]],"sslyze.SessionResumptionSupportExtraArgument":[[0,2,1,"","number_of_resumptions_to_attempt"]],"sslyze.SessionResumptionSupportScanResult":[[0,2,1,"","session_id_attempted_resumptions_count"],[0,2,1,"","session_id_resumption_result"],[0,2,1,"","session_id_successful_resumptions_count"],[0,2,1,"","tls_ticket_attempted_resumptions_count"],[0,2,1,"","tls_ticket_resumption_result"],[0,2,1,"","tls_ticket_successful_resumptions_count"]],"sslyze.StrictTransportSecurityHeader":[[0,2,1,"","include_subdomains"],[0,2,1,"","max_age"],[0,2,1,"","preload"]],"sslyze.SupportedEllipticCurvesScanResult":[[0,2,1,"","rejected_curves"],[0,2,1,"","supported_curves"],[0,2,1,"","supports_ecdh_key_exchange"]],"sslyze.TlsResumptionSupportEnum":[[0,2,1,"","FULLY_SUPPORTED"],[0,2,1,"","NOT_SUPPORTED"],[0,2,1,"","PARTIALLY_SUPPORTED"],[0,2,1,"","SERVER_IS_TLS_1_3_ONLY"]],"sslyze.TlsVersionEnum":[[0,2,1,"","SSL_2_0"],[0,2,1,"","SSL_3_0"],[0,2,1,"","TLS_1_0"],[0,2,1,"","TLS_1_1"],[0,2,1,"","TLS_1_2"],[0,2,1,"","TLS_1_3"]],"sslyze.TrustStore":[[0,2,1,"","ev_oids"],[0,3,1,"","is_certificate_extended_validation"],[0,2,1,"id1","name"],[0,2,1,"id0","path"],[0,2,1,"id2","version"]],sslyze:[[3,1,1,"","AllScanCommandsAttempts"],[0,1,1,"","CertificateDeploymentAnalysisResult"],[0,1,1,"","CertificateInfoExtraArgument"],[0,1,1,"","CertificateInfoScanResult"],[0,1,1,"","CipherSuite"],[0,1,1,"","CipherSuiteAcceptedByServer"],[0,1,1,"","CipherSuiteRejectedByServer"],[0,1,1,"","CipherSuitesScanResult"],[3,1,1,"","ClientAuthenticationCredentials"],[0,1,1,"","CompressionScanResult"],[0,1,1,"","EarlyDataScanResult"],[0,1,1,"","EllipticCurve"],[0,1,1,"","EphemeralKeyInfo"],[0,1,1,"","ExpectCtHeader"],[0,1,1,"","FallbackScsvScanResult"],[0,1,1,"","HeartbleedScanResult"],[0,1,1,"","HttpHeadersScanResult"],[0,1,1,"","OpenSslCcsInjectionScanResult"],[3,1,1,"","OpenSslFileTypeEnum"],[0,1,1,"","PathValidationResult"],[3,1,1,"","ProtocolWithOpportunisticTlsEnum"],[0,1,1,"","RobotScanResult"],[0,1,1,"","RobotScanResultEnum"],[0,1,1,"","ScanCommand"],[3,1,1,"","ScanCommandAttempt"],[3,1,1,"","ScanCommandErrorReasonEnum"],[3,1,1,"","Scanner"],[3,1,1,"","ServerConnectivityStatusEnum"],[3,1,1,"","ServerNetworkConfiguration"],[3,1,1,"","ServerNetworkLocation"],[3,1,1,"","ServerScanRequest"],[3,1,1,"","ServerScanResult"],[3,1,1,"","ServerScanStatusEnum"],[3,1,1,"","ServerTlsProbingResult"],[0,1,1,"","SessionRenegotiationScanResult"],[0,1,1,"","SessionResumptionSupportExtraArgument"],[0,1,1,"","SessionResumptionSupportScanResult"],[0,1,1,"","StrictTransportSecurityHeader"],[0,1,1,"","SupportedEllipticCurvesScanResult"],[0,1,1,"","TlsResumptionSupportEnum"],[0,1,1,"","TlsVersionEnum"],[0,1,1,"","TrustStore"]]},objnames:{"0":["py","module","Python module"],"1":["py","class","Python class"],"2":["py","attribute","Python attribute"],"3":["py","method","Python method"]},objtypes:{"0":"py:module","1":"py:class","2":"py:attribute","3":"py:method"},terms:{"0":[0,1,2,3],"0224":0,"09":0,"1":[1,3],"10":[],"100":0,"2":[0,3],"2014":0,"2016":0,"2017":0,"26":0,"3":[1,3],"4":[0,2],"443":3,"5":[0,1,3],"509":0,"6":[0,1],"62":0,"64":[],"class":[1,2],"default":[0,3],"do":[2,3],"enum":0,"function":0,"import":3,"int":[0,3],"long":0,"public":1,"return":[0,3],"true":[0,2],"try":[0,3],A:[0,2,3],And:3,By:3,For:0,If:[0,3],Is:0,It:3,NOT:3,No:3,Not:2,That:2,The:[0,1,2,3],Then:3,These:2,To:3,Will:0,_:[],__class__:3,__file__:[],__name__:3,_cert_chain_analyz:0,_oid:[],_print_failed_scan_command_attempt:[2,3],_resumption_with_id:0,_scancommandresulttypevar:3,abl:[0,3],about:3,accept:0,accepted_ciph:0,accepted_cipher_suit:[0,3],accepts_client_renegoti:0,access:1,accord:0,accur:0,across:1,act:0,activ:[],actual:3,ad:[],addit:0,address:3,after:[0,3],ag:0,against:[0,3],algorithm:0,alia:[],all:[0,2,3],all_scan_request:3,all_server_scan_result:[2,3],allow:3,allscancommandsattempt:3,also:[1,2],altern:0,an:[0,3],analysi:0,analyz:[0,1],anchor:0,ani:[0,1],annot:[2,3],ansi:0,api:[0,3],api_sampl:[],api_sample_result:3,append:3,appendix:3,appl:0,applic:[],ar:[0,1,2,3],argument:3,arm:[],asn1:3,assert:[2,3],attack:[0,1],attempt:[0,3],attribut:3,auto:3,autom:3,automat:3,avail:[0,1,2,3],aw:[],back:0,bad:3,base:0,bashrc:[],battl:[],below:0,big:[],bit:[],blog:0,bool:[0,3],both:0,bug_in_sslyz:3,built:0,bytearrai:0,c0d3:[],ca:0,can:[0,1,2,3],cc:1,cd:[],cert_deploy:[2,3],certif:[1,2,3],certificate_chain_path:3,certificate_deploy:[0,2,3],certificate_info:[0,2,3],certificate_signatur:[],certificate_typ:[],certificatedeploymentanalysisresult:0,certificateinfoextraargu:0,certificateinfoscanattempt:3,certificateinfoscanresult:0,certinfo_attempt:[2,3],certinfo_result:[2,3],chain:0,check:[0,3],choic:[],cipher:[1,3],cipher_suit:[0,3],cipher_suite_support:3,ciphersuit:0,ciphersuiteacceptedbyserv:0,ciphersuiterejectedbyserv:0,ciphersuitesscanattempt:3,ciphersuitesscanresult:0,classmethod:3,cli:1,client:0,client_auth_requir:3,client_certificate_need:3,clientauthenticationcredenti:3,clientauthrequirementenum:3,clone:[],cloudflar:3,code:[2,3],com:[0,2,3],command:3,common:0,compat:0,compil:[],complet:3,compliant:[],compress:0,compressionscanattempt:3,compressionscanresult:0,concurr:3,concurrent_server_scans_limit:3,config:[],configur:[0,1,3],connect:[0,1,3],connection_typ:3,connectivity_error_trac:[2,3],connectivity_issu:3,connectivity_result:3,connectivity_statu:3,constant:3,contain:[0,2,3],continu:[1,2,3],control:3,copi:[],correspond:[0,3],could:[0,3],coupl:3,cover:[],creat:3,crime:1,cryptographi:0,ct:0,current:0,curv:1,custom:0,custom_ca_fil:0,cve:0,dai:[],data:1,date:0,date_scans_complet:2,date_scans_start:[2,3],datetim:[2,3],decrypt:3,def:[2,3],depend:0,deploi:[0,3],deprec:0,describ:[0,2,3],descript:[],detail:3,detect:[0,1,3],determin:0,develop:[],devic:0,dh:0,dictionari:[],did:0,differ:0,direct:[0,3],directli:3,distrust:0,docker:[],document:0,doe:0,downgrad:1,e:[],each:[0,3],earli:1,earlydatascanattempt:3,earlydatascanresult:0,easi:[1,2],easier:[2,3],easili:[],ec:0,ecdh:0,ecdsa:[],either:3,element:0,elif:3,ellipt:1,elliptic_curv:[0,3],elliptic_curves_plugin:0,ellipticcurv:0,els:2,emb:[],embed:0,en:0,enabl:0,encrypt:1,endpoint:1,enforc:0,engin:1,ensur:[1,3],ensure_ascii:2,enumer:[0,3],ephemer:0,ephemeral_kei:0,ephemeralkeyinfo:0,error:[0,2,3],error_messag:0,error_no_connect:[2,3],error_reason:3,error_trac:3,essenti:0,establish:3,etc:[0,1],ev:0,ev_oid:0,eventu:0,everi:[0,3],everyth:3,exampl:[0,1],example_json_result_output:[2,3],example_json_result_pars:[2,3],except:3,exchang:0,execut:[],exist:0,exit:[],expect:[0,3],expect_ct_head:0,expectcthead:0,experiment:[],exploit:0,extend:0,extens:[0,3],extra:3,f:[2,3],facebook:[0,2],factori:3,fail:[0,2,3],fallbackscsvscanattempt:3,fallbackscsvscanresult:0,fashion:3,fast:1,feasibl:0,field:[0,2,3],figur:3,file:[0,2,3],fine:3,fingerprint_sha1:2,first:3,flag:[],focu:[],follow:[0,2,3],format:[0,3],forward:0,from:[0,3],from_default_port:3,from_fil:2,from_orm:2,ftp:3,full:1,fulli:[],fully_support:0,further:[1,2],g:[],gener:2,get:0,get_result:3,git:[],github:[],give:1,given:[0,3],googl:[0,2,3],grain:3,h:0,ha:3,handl:3,handshak:3,happen:3,have:[],hazmat:[],header:1,heartble:[1,3],heartbleedscanattempt:3,heartbleedscanresult:0,hello:3,help:[],helper:[1,2],here:2,higher:0,highest_tls_version_support:3,highlight:0,honor:0,hostnam:[0,2,3],hostname_used_for_server_name_ind:0,how:[0,1,3],html:0,http:[1,3],http_error_trac:0,http_header:[0,3],http_headers_plugin:0,http_path_redirected_to:0,http_proxy_set:3,http_request_s:0,httpheadersscanattempt:3,httpheadersscanresult:0,httpproxyset:3,human:0,hundr:[],id:[0,3],ie:3,ignor:2,imag:[],imap:3,implement:1,includ:[0,3],include_subdomain:0,includesubdomain:0,indent:2,index:[0,1],indic:[0,3],info:3,inform:[1,3],ing:3,initi:0,inject:1,input:3,insecur:1,inspect:2,instal:0,instruct:1,intend:[],interfac:2,intermedi:0,intern:1,invalid:3,invalid_server_str:2,io:0,ip:3,ip_address:3,is_anonym:0,is_certificate_extended_valid:0,is_vulnerable_to_ccs_inject:0,is_vulnerable_to_client_renegotiation_do:0,is_vulnerable_to_heartble:0,issu:0,iter:3,its:0,json:3,json_file_out:[2,3],json_out:2,json_output:2,json_output_as_str:2,json_output_schema:2,json_test:[],kei:[0,3],key_password:3,key_path:3,key_siz:0,key_typ:3,kind:[0,3],known:1,lambda:[],last:0,lastli:3,later:[],latest:0,ldap:3,leaf:[0,2],leaf_cert:3,leaf_certificate_has_must_staple_extens:0,leaf_certificate_is_ev:0,leaf_certificate_signed_certificate_timestamps_count:0,leaf_certificate_subject_matches_hostnam:0,least:0,leverag:[0,3],librari:1,like:[],line:[],linux:[],list:[0,2,3],literalinclud:[],local:0,look:3,lookup:3,m:2,maco:[],main:3,make:[1,2,3],map:3,match:0,max:0,max_ag:0,maxim:0,measur:0,mechan:0,messag:3,method:[2,3],misconfigur:1,model:3,modern:[],modul:[0,1,3],more:[0,3],most:0,mozilla:0,much:[],must:0,mutual:3,n:[2,3],nabla:[],nablac0d3:[],naccept:3,name:[0,3],nassl:3,need:[2,3],negoti:0,nerror:3,network:3,network_configur:3,network_max_retri:3,network_timeout:3,next:0,nid_xxx:0,nleaf:3,non:3,none:[0,2,3],nor:0,not_support:0,not_vulnerable_no_oracl:0,not_vulnerable_rsa_not_support:0,number:[0,3],number_of_resumptions_to_attempt:0,obj_mac:0,object:[0,2,3],objectidentifi:0,observ:3,ocsp:0,ocsp_respons:0,ocsp_response_is_trust:0,ocsprespons:0,often:0,ok:[],old:0,older:0,onc:3,one:[0,3],onli:[0,3],openssl:[1,3],openssl_ccs_inject:[0,3],openssl_error_str:0,openssl_nam:0,openssl_nid:0,opensslccsinjectionscanattempt:3,opensslccsinjectionscanresult:0,opensslevppkeyenum:0,opensslfiletypeenum:3,operation:[],opportunist:3,option:[2,3],oracl:0,order:[0,1,3],org:[],other:3,otherwis:0,out:3,output:1,overal:0,overview:1,own:[],packag:0,page:[0,1],paramet:[0,3],parent:[],pars:[0,1,3],parse_raw:2,parsed_result:2,part:1,partially_support:0,pass:3,password:3,path:[0,2,3],path_validation_result:0,path_validation_result_list:0,pathlib:[0,3],pathvalidationresult:0,pem:[0,3],per_server_concurrent_connections_limit:3,perform:[0,3],pip:[],plaintext:3,platform:1,plugin:0,pool:3,pop3:3,pop:[],popul:3,port:[2,3],post:2,postgr:3,power:1,pre:[],preload:0,presenc:0,present:0,prevent:1,print:[2,3],privat:3,program:[1,2],project:[],protocol:3,protocolwithopportunistictlsenum:3,provid:[0,1,2,3],proxi:[0,3],public_byt:0,public_kei:3,py:[],pycharm:3,pyobject:[],python:[0,2],quali:0,queue:3,queue_scan:3,ran:3,rang:1,rc:[],rdp:3,read_text:2,readabl:0,readm:1,real:0,reason:3,receiv:0,received_certificate_chain:[0,2,3],received_chain_contains_anchor_certif:0,received_chain_has_valid_ord:0,recommend:[],redirect:0,refer:0,regular:[],reject:0,rejected_ciph:0,rejected_cipher_suit:0,rejected_curv:0,relat:0,releas:[0,1],reliabl:[],renegoti:1,report:0,report_uri:0,repositori:2,repres:[0,3],request:[0,3],resolv:3,respons:[0,3],results_as_json:2,results_as_json_fil:2,resum:0,resumpt:1,retri:3,retriev:[0,3],rfc4514_string:3,right:0,rm:[],robot:[1,3],robot_result:0,robotscanattempt:3,robotscanresult:0,robotscanresultenum:0,root:0,rsa:0,run:0,s:[0,1,3],save:[2,3],scan_command:3,scan_command_attempt:3,scan_commands_extra_argu:3,scan_result:[2,3],scan_statu:[2,3],scancommand:[0,3],scancommandattempt:3,scancommandattemptstatusenum:[2,3],scancommanderrorreasonenum:3,scancommandsextraargu:3,scanner:3,scannerobserv:3,scanresult:3,schema:2,sct:0,search:1,secg:0,second:3,section:[0,2],secur:1,see:0,send:[0,3],sent:0,separ:[1,2],sequenc:3,serial:[1,2,3],serial_numb:3,server:[0,1,2,3],server_connect:[0,3],server_is_tls_1_3_onli:0,server_loc:[2,3],server_scan_result:[2,3],server_set:3,serverconnectivitystatusenum:3,serverhostnamecouldnotberesolv:3,servernetworkconfigur:3,servernetworkloc:3,serverscanrequest:3,serverscanresult:[2,3],serverscanresultasjson:2,serverscanstatusenum:[2,3],servertlsprobingresult:3,session:1,session_id_attempted_resumptions_count:0,session_id_resumption_result:0,session_id_successful_resumptions_count:0,session_renegoti:[0,3],session_resumpt:[0,3],sessionrenegotiationscanattempt:3,sessionrenegotiationscanresult:0,sessionresumptionsupportextraargu:0,sessionresumptionsupportscanattempt:3,sessionresumptionsupportscanresult:0,set:[0,1],setuptool:[],sha1:2,sha256:[],sha256withrsaencrypt:[],sha384:[],sha512:[],sha:0,share:0,shell:[],shortcut:0,should:[0,3],show:[],sign:0,signatur:[],significantli:3,simpl:[],simpli:[],sinc:3,singl:3,site:[],size:0,smtp:3,so:[],some:[0,3],soon:3,sort_kei:2,sourc:[],specif:[0,2,3],speed:[],ssl2_attempt:3,ssl2_result:3,ssl:[0,1],ssl_2_0:0,ssl_2_0_cipher_suit:[0,3],ssl_3_0:0,ssl_3_0_cipher_suit:[0,3],ssl_client:3,ssl_filetype_xxx:3,ssllab:0,sslyze:[0,2,3],sslyze_output:[],sslyzeoutputasjson:2,standard:3,stapl:0,start:[],statu:[2,3],step:[],store:0,str:[0,3],stream:3,strict:0,strict_transport_security_head:0,stricttransportsecurityhead:0,string:0,strong:1,subject:[0,3],subsequ:0,succe:0,succeed:3,success:0,successfulli:3,suit:[1,3],suppli:[0,3],support:[1,3],supported_curv:0,supportedellipticcurvesscanattempt:3,supportedellipticcurvesscanresult:0,supports_compress:0,supports_early_data:0,supports_ecdh_key_exchang:[0,3],supports_fallback_scsv:0,supports_secure_renegoti:0,sur:[],sure:3,symantec:0,system:0,t:3,take:0,target1:[],target2:[],target3:[],termin:[],test:[0,1,3],them:3,therebi:[0,2],thi:[0,2,3],thousand:[],through:[0,3],ticket:0,timeout:3,timestamp:0,tl:1,tls1_3_attempt:3,tls1_3_result:3,tls_1_0:0,tls_1_0_cipher_suit:[0,3],tls_1_1:0,tls_1_1_cipher_suit:[0,3],tls_1_2:0,tls_1_2_cipher_suit:[0,3],tls_1_3:0,tls_1_3_cipher_suit:[0,3],tls_1_3_early_data:[0,3],tls_client_auth_credenti:3,tls_compress:[0,3],tls_ecdhe_rsa_with_aes_128_gcm_sha256:[],tls_ecdhe_rsa_with_aes_256_gcm_sha384:[],tls_ecdhe_rsa_with_chacha20_poly1305_sha256:[],tls_fallback_scsv:[0,3],tls_opportunistic_encrypt:3,tls_server_name_ind:3,tls_ticket_attempted_resumptions_count:0,tls_ticket_resumption_result:0,tls_ticket_successful_resumptions_count:0,tls_version:[],tls_version_us:0,tls_wrapped_protocol:3,tlsresumptionsupportenum:0,tlsv1:[],tlsversionenum:[0,3],too:0,tool:1,total:0,trace:3,traceback:[0,3],tracebackexcept:[0,3],transpar:0,transport:0,trust:0,trust_stor:0,truststor:0,tunnel:3,type:[0,2,3],typevar:3,unknown_inconsistent_result:0,up:3,upgrad:3,uri:0,us:[0,3],usag:[],utcnow:3,uuid:3,valid:0,valu:[0,3],verifi:0,verified_certificate_chain:0,verified_chain_has_legacy_symantec_anchor:0,verified_chain_has_sha1_signatur:0,version:0,via:[0,3],vs:3,vulner:[0,1],vulnerable_strong_oracl:0,vulnerable_weak_oracl:0,wa:[0,3],wai:0,want:3,warn:[],was_validation_success:0,we:3,websit:0,were:[0,2,3],weren:3,what:3,wheel:[],when:[0,1,3],whether:[0,3],which:[0,3],why:3,window:[],within:[0,3],without:[0,3],worker:3,would:0,wrap:3,write_text:2,wrong_usag:3,www:2,x509:0,x86:[],x9:0,x:0,xmpp:3,xmpp_server:3,xmpp_to_hostnam:3,you:[],your:[],zero:[]},titles:["Appendix: Scan Commands","SSLyze","Exporting and processing scan results in JSON","Running a Scan in Python"],titleterms:{"1":0,"3":0,"class":[0,3],"export":[1,2],addit:3,api:[1,2],appendix:[0,1],argument:0,authent:3,cc:0,cd:[],certif:0,ci:[],cipher:0,cli:2,client:3,code:[],command:[0,1],content:[0,1],crime:0,curv:0,data:0,docker:[],downgrad:0,earli:0,ellipt:0,enabl:3,etc:3,exampl:3,execut:[],featur:[],from:[],full:3,header:0,heartble:0,http:0,indic:1,inform:0,inject:0,insecur:0,instal:1,json:[1,2],kei:[],openssl:0,option:0,output:2,overview:3,pars:2,pip:[],prevent:0,process:[1,2,3],python:[1,3],quick:1,renegoti:0,result:[0,1,2,3],resumpt:0,robot:0,run:[1,3],scan:[0,1,2,3],secur:0,session:0,set:3,sni:3,sourc:[],ssl:3,sslyze:1,start:[1,3],starttl:3,suit:0,support:0,tabl:1,tl:[0,3],us:[1,2],when:2,window:[]}}) \ No newline at end of file diff --git a/json_output_schema.json b/json_output_schema.json index dbfd2e3b..78641bd1 100644 --- a/json_output_schema.json +++ b/json_output_schema.json @@ -1,6 +1,6 @@ { "title": "SslyzeOutputAsJson", - "description": "The \"root\" dictionary of the JSON output when using the --json command line option.\n ", + "description": "The \"root\" dictionary of the JSON output when using the --json command line option.", "type": "object", "properties": { "invalid_server_strings": { @@ -30,7 +30,7 @@ }, "sslyze_version": { "title": "Sslyze Version", - "default": "5.0.3", + "default": "5.0.6", "type": "string" }, "sslyze_url": { @@ -47,7 +47,7 @@ "definitions": { "InvalidServerStringAsJson": { "title": "InvalidServerStringAsJson", - "description": "A hostname:port string supplied via the command line that SSLyze was unable to parse or resolve.\n ", + "description": "A hostname:port string supplied via the command line that SSLyze was unable to parse or resolve.", "type": "object", "properties": { "server_string": { @@ -74,8 +74,8 @@ ], "type": "string" }, - "HttpProxySettings": { - "title": "HttpProxySettings", + "_HttpProxySettingsAsJson": { + "title": "_HttpProxySettingsAsJson", "type": "object", "properties": { "hostname": { @@ -121,7 +121,7 @@ "type": "string" }, "http_proxy_settings": { - "$ref": "#/definitions/HttpProxySettings" + "$ref": "#/definitions/_HttpProxySettingsAsJson" } }, "required": [ @@ -133,7 +133,7 @@ }, "ProtocolWithOpportunisticTlsEnum": { "title": "ProtocolWithOpportunisticTlsEnum", - "description": "The list of plaintext protocols supported by SSLyze for opportunistic TLS upgrade (such as STARTTLS).\n\nThis allows SSLyze to figure out how to complete an SSL/TLS handshake with the server.", + "description": "The list of plaintext protocols supported by SSLyze for opportunistic TLS upgrade (such as STARTTLS).\n\n This allows SSLyze to figure out how to complete an SSL/TLS handshake with the server.\n ", "enum": [ "SMTP", "XMPP", @@ -218,7 +218,7 @@ }, "ClientAuthRequirementEnum": { "title": "ClientAuthRequirementEnum", - "description": "Whether the server asked for client authentication.\n ", + "description": "Whether the server asked for client authentication.", "enum": [ "DISABLED", "OPTIONAL", @@ -228,7 +228,7 @@ }, "_ServerTlsProbingResultAsJson": { "title": "_ServerTlsProbingResultAsJson", - "description": "Additional details about the server, detected via connectivity testing.\n ", + "description": "Additional details about the server, detected via connectivity testing.", "type": "object", "properties": { "highest_tls_version_supported": { @@ -1053,7 +1053,7 @@ }, "RobotScanResultEnum": { "title": "RobotScanResultEnum", - "description": "The result of attempting exploit the ROBOT issue on the server.\n\nAttributes:\n VULNERABLE_WEAK_ORACLE: The server is vulnerable but the attack would take too long.\n VULNERABLE_STRONG_ORACLE: The server is vulnerable and real attacks are feasible.\n NOT_VULNERABLE_NO_ORACLE: The server supports RSA cipher suites but does not act as an oracle.\n NOT_VULNERABLE_RSA_NOT_SUPPORTED: The server does not supports RSA cipher suites.\n UNKNOWN_INCONSISTENT_RESULTS: Could not determine whether the server is vulnerable or not.", + "description": "The result of attempting exploit the ROBOT issue on the server.\n\n Attributes:\n VULNERABLE_WEAK_ORACLE: The server is vulnerable but the attack would take too long.\n VULNERABLE_STRONG_ORACLE: The server is vulnerable and real attacks are feasible.\n NOT_VULNERABLE_NO_ORACLE: The server supports RSA cipher suites but does not act as an oracle.\n NOT_VULNERABLE_RSA_NOT_SUPPORTED: The server does not supports RSA cipher suites.\n UNKNOWN_INCONSISTENT_RESULTS: Could not determine whether the server is vulnerable or not.\n ", "enum": [ "VULNERABLE_WEAK_ORACLE", "VULNERABLE_STRONG_ORACLE", @@ -1141,7 +1141,7 @@ }, "TlsResumptionSupportEnum": { "title": "TlsResumptionSupportEnum", - "description": "The result of attempting to resume TLS sessions with the server.\n\nAttributes:\n FULLY_SUPPORTED: All the session resumption attempts were successful.\n PARTIALLY_SUPPORTED: Only some of the session resumption attempts were successful.\n NOT_SUPPORTED: None of the session resumption attempts were successful.\n SERVER_IS_TLS_1_3_ONLY: The server only supports TLS 1.3, which does not support Session ID nor TLS Tickets\n resumption.", + "description": "The result of attempting to resume TLS sessions with the server.\n\n Attributes:\n FULLY_SUPPORTED: All the session resumption attempts were successful.\n PARTIALLY_SUPPORTED: Only some of the session resumption attempts were successful.\n NOT_SUPPORTED: None of the session resumption attempts were successful.\n SERVER_IS_TLS_1_3_ONLY: The server only supports TLS 1.3, which does not support Session ID nor TLS Tickets\n resumption.\n ", "enum": [ "FULLY_SUPPORTED", "PARTIALLY_SUPPORTED",