Thursday, 28 May 2015

Enumerator script update 3

Here we go again, more changes! So earlier today @digininja sent me a tweet about switching sslscan with tlssled... what a brilliant idea. Much like enum4linux and nbtscan so tlssled is a bash script that runs openssl and sslscan.

TLSSLed brings to the table added tests like a test for TLS v1.1 and v1.2 support (CVE-2011-3389 aka BEAST), a test to check for legacy renegotiation even when secure, a test if SSL/TLS renegotiation is enabled and much more. Full details available in the script itself (should be under /usr/bin/ in your Kali box or you can get the full detail adn the script itself from

Credit for the upgrade to @digininja and @raulsiles for making the script to begin with.

As usual new version available on github.

Many thanks



  1. Hi Nikolaos. Great work on this script! I've been using it since I first found it. Saves me so much time on my pen tests! However, (and please don't take this as talking bad about your code because that's not at all what I'm doing), it doesn't appear to work very well through ssh tunnels/proxychains. Do you have any plans to update it to work in such a situation? If not, how would I go about modifying it to work that way?

    1. glad to hear it mate, the format right now is pretty flat so I would have to nest everything in ifs (probably) and take it from there. I will add it to my TODO, thanks for the feedback :)