loading
Loading content
loading
Also known as SSL, TLS
TLS (Transport Layer Security) encrypts traffic between a client and a server and proves the server's identity with an X.509 certificate signed by a trusted authority. It replaced SSL, whose last version, 3.0, fell to the POODLE attack and is now disabled everywhere. Modern deployments run TLS 1.2 or 1.3; the older 1.0 and 1.1 versions are deprecated. Without TLS, anyone on the path can read or alter the data, which is the basis of a man-in-the-middle attack.
For offensive work, TLS configuration is a rich source of findings. Expired or self-signed certificates, weak ciphers, missing forward secrecy, and certificates that cover hostnames you did not know about all surface during assessment. Service fingerprinting reads the certificate and negotiated cipher to identify the stack behind a port. Certificate fields also reveal infrastructure, which ties into certificate transparency logs that publish every issued certificate and leak forgotten subdomains.
In an automated workflow, you scan TLS endpoints for protocol versions, cipher strength, and certificate validity, then flag weak configurations and pull certificate subject names back into discovery to expand the surface. Web checks often pair this with content security policy review.
Related terms