sslyze
Fast and powerful SSL/TLS scanner
Details
Category: Scanners
Publisher: trickest-mhmdiaa
Created Date: 4/14/2022
Container: quay.io/trickest/sslyze:5.0.3
Source URL: https://github.com/nabla-c0d3/sslyze
Parameters
Command: --key
- Client private key file.

Command: --sni
- Use Server Name Indication to specify the hostname to connect to. Will only affect TLS 1.0+ connections.

Command: --cert
- Client certificate chain filename. The certificates must be in PEM format and must be sorted starting with the subject's client certificate, followed by intermediate CA certificates if applicable.

Command: --pass
- Client private key passphrase.

Command: --quiet
- Do not output anything to stdout.

Command: --reneg
- Test a server for insecure TLS renegotiation and client-initiated renegotiation.

Command: --resum
- Test a server for TLS 1.2 session resumption support using session IDs and TLS tickets.

Command: --robot
- Test a server for the ROBOT vulnerability.

Command: --sslv2
- Test a server for SSL 2.0 support.

Command: --sslv3
- Test a server for SSL 3.0 support.

Command: --tlsv1
- Test a server for TLS 1.0 support.

Command:
- The server to scan.

Command: --keyform
- Client private key format. DER or PEM (default).

Command: --tlsv1_1
- Test a server for TLS 1.1 support.

Command: --tlsv1_2
- Test a server for TLS 1.2 support.

Command: --tlsv1_3
- Test a server for TLS 1.3 support.

Command: --xmpp_to
- Optional setting for STARTTLS XMPP. XMPP_TO should be the hostname to be put in the 'to' attribute of the XMPP stream. Default is the server's hostname.

Command: --certinfo
- Retrieve and analyze a server's certificate(s) to verify its validity.

Command: --fallback
- Test a server for the TLS_FALLBACK_SCSV mechanism to prevent downgrade attacks.

Command: --starttls
- Perform a StartTLS handshake when connecting to the target server(s). StartTLS should be one of: auto, smtp, xmpp, xmpp_server, pop3, imap, ftp, ldap, rdp, postgres. The 'auto' option will cause SSLyze to deduce the protocol (ftp, imap, etc.) from the supplied port number, for each target server.

Command: --early_data
- Test a server for TLS 1.3 early data support.

Command: --heartbleed
- Test a server for the OpenSSL Heartbleed vulnerability.

Command: --targets_in
- Read the list of targets to scan from a file. It should contain one host:port per line.

Command: --compression
- Test a server for TLS compression support, which can be leveraged to perform a CRIME attack.

Command: --openssl_ccs
- Test a server for the OpenSSL CCS Injection vulnerability (CVE-2014-0224).

Command: --http_headers
- Test a server for the presence of security-related HTTP headers.

Command: --https_tunnel
- Tunnel all traffic to the target server(s) through an HTTP CONNECT proxy. HTTP_TUNNEL should be the proxy's URL: 'http://USER:PW@HOST:PORT/'. For proxies requiring authentication, only Basic Authentication is supported.

Command: --mozilla_config
- Shortcut to queue the various scan commands needed to check the server's TLS configuration against one of Mozilla's recommended TLS configurations. Set to 'intermediate' by default. Use 'disable' to disable this check.

Command: --resum_attempts
- To be used with --resum. Number of session resumptions (both with Session IDs and TLS Tickets) that SSLyze should attempt. The default value is 5, but a higher value such as 100 can be used to get a more accurate measure of how often session resumption succeeds or fails with the server.

Command: --elliptic_curves
- Test a server for supported elliptic curves.

Command: --slow_connection
- Greatly reduce the number of concurrent connections initiated by SSLyze. This will make the scans slower but more reliable if the connection between your host and the server is slow, or if the server cannot handle many concurrent connections. Enable this option if you are getting a lot of timeouts or errors.

Command: --certinfo_ca_file
- To be used with --certinfo. File containing root certificates in PEM format that will be used to verify the validity of the server's certificate.