testssl
OfficialValidate TLS/SSL posture from the outside.
Legal & Compliance#vulnerability scanning#tls#ssl#aws security#certificate validation#protocol compliance#external probe
Authoraurainfosec
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It helps you quickly determine whether a public service is truly using secure TLS/SSL settings by checking real protocol support, cipher behavior, certificates, and known TLS vulnerabilities as clients experience them.
Core Features & Use Cases
- Protocol and cipher analysis: Detects offered TLS versions and cipher weaknesses (e.g., deprecated protocols, weak cipher suites) and maps findings to plugin severities for consistent reporting.
- Vulnerability and certificate validation: Runs targeted checks for widely known TLS/SSL issues (e.g., Heartbleed/POODLE-style classes) and validates certificate properties like expiry, chain completeness, key size, CN/SAN mismatch, and OCSP status.
- External probe for AWS endpoints: Verifies runtime TLS negotiation for ALB/NLB, CloudFront, API Gateway, EC2 HTTPS, RDS TLS (via STARTTLS), OpenSearch, and other endpoints where configuration claims must be confirmed from the outside.
Quick Start
Ask the AI to run the testssl TLS scan against your endpoint and return a severity-labeled summary of protocol support, certificate health, and discovered TLS vulnerabilities.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: testssl Download link: https://github.com/aurainfosec/cloud-review-automation-poc/archive/main.zip#testssl Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.