After a few months of work and research we have updated the SSL Analyzer tool to version 1.1. So, here is a description about the SSL Analyzer and who should use it.
What is it?
This tool was created for penetration testers and for site administrations who want to check if their server allows usage of insecure SSL algorithms.
SSL did not allow attackers to read/change the traffic between the client (computer/mobile browser) and the server, if the server allows insecure algorithms, the attacker can force the browser to use them and break the encryption (as they are named, they are insecure algorithms…).
Easy to use
SSL Vulnerabilities Analyzer has a nice interactive tool that makes it easy to run and check if the server contains insecure algorithms also for non-technical people.
SSL vulnerabilities analyzer shared with his source code under GPL v3 license, as a gift back to the open source community.
You can download the current version (1.1) from here: SSL Analyzer version 1.1 zip
For more details, source code and versions, please visit the dedicated area in our website: https://appsec-labs.com/SSL_Analyzer
Well, I plan to add some more tests, like secure flag of cookies, cache header policy, renegotiate and more, you invited to send a feedback if you want one of them first J
If you have any thought, please let me know
Penetration Testing Team Leader