SSLyze is a fast and powerful SSL/TLS scanning library and tool that analyzes server configurations to ensure strong encryption and detect known vulnerabilities.
Fast and powerful SSL/TLS scanning library.
SSLyze is primarily used by security professionals and system administrators to audit and verify the SSL/TLS configurations of servers, ensuring compliance with best practices and detecting vulnerabilities like Heartbleed or ROBOT. It is ideal for integration into CI/CD pipelines to automate continuous security checks of network services.
For best results, use SSLyze within automated CI/CD pipelines to continuously monitor server TLS configurations. The tool requires Python and pip for installation, and supports multiple platforms including Windows, Linux, and macOS. Users should ensure their custom TLS configuration JSON files adhere to Mozilla's TLS configuration format when using the custom config option.
pip install --upgrade pip setuptools wheel
pip install --upgrade sslyzepython -m sslyze www.yahoo.com www.google.com "[2607:f8b0:400a:807::2004]:443"
Run a scan on specified domains and IPv6 address with default settings.
docker run --rm -it nablac0d3/sslyze:6.1.0 www.google.com
Run SSLyze scan using the official Docker image.
python -m sslyze mozilla.com
Scan a server and check compliance against Mozilla's intermediate TLS configuration.
python -m sslyze --mozilla_config=modern mozilla.com
Scan a server and check compliance against Mozilla's modern TLS configuration.
python -m sslyze --custom_tls_config custom_tls_config_example.json mozilla.com
Scan a server and check compliance against a custom TLS configuration defined in a JSON file.