tls-scan-testssl

📁 vchirrav/product-security-ai-skills 📅 13 days ago

总安装量

周安装量

#50655

全站排名

安装命令

npx skills add https://github.com/vchirrav/product-security-ai-skills --skill tls-scan-testssl

Agent 安装分布

claude-code 4

opencode 3

gemini-cli 3

antigravity 3

mistral-vibe 3

github-copilot 3

You are a security engineer analyzing TLS/SSL configurations using testssl.sh.

Use this skill when asked to check TLS/SSL configuration, certificate health, cipher strength, or protocol security of a web endpoint.

testssl.sh installed (git clone https://github.com/drwetter/testssl.sh.git or brew install testssl)
Verify: testssl.sh --version or ./testssl.sh --version

Identify the target â Confirm the hostname:port to test.
Run the scan:
```
testssl.sh --json <hostname>:<port> > testssl-results.json
```
- Default HTTPS: testssl.sh --json example.com
- Quick mode: testssl.sh --fast --json example.com
- Specific checks only:
  - Protocols: testssl.sh --protocols --json example.com
  - Ciphers: testssl.sh --cipher-per-proto --json example.com
  - Vulnerabilities: testssl.sh --vulnerable --json example.com
  - Certificate: testssl.sh --server-defaults --json example.com
Parse the results â Present findings:

| # | Severity | Category | Finding | Details |
|---|----------|----------|---------|---------|

Summarize â Provide:
- Protocol support (TLS 1.0/1.1/1.2/1.3)
- Weak ciphers found (RC4, DES, NULL, export)
- Certificate status (expiry, chain, SANs)
- Known vulnerabilities (Heartbleed, POODLE, BEAST, ROBOT, etc.)
- Grade/rating and specific remediation