Solved

Ways to assess https/ssl websites

Posted on 2016-11-02
3
53 Views
Last Modified: 2016-11-08
https://www.ssllabs.com/ssltest

I currently use the above to scan & assess (but without whitelisting).
Are there better ways/tools do assess a https/ssl site?  Some sites
simply cant connect using the above scanning url
0
Comment
Question by:sunhux
3 Comments
 
LVL 12

Accepted Solution

by:
Kent W earned 250 total points
ID: 41870663
Can you explain more of what you mean by "can not connect using the above scanning URL"?
If there is something preventing SSL labs from connecting to your sites, this will probably hinder others.
There are other scanners, I'll only list those that check the security / validity of your cert. Some, for instance, are geared towards just checking for correct installation. These actually test SSL security factors.  (That being said, it's very hard to beat Qualys's SSL Labs.)
Others -
https://www.sslshopper.com/ssl-checker.html
https://www.htbridge.com/ssl/
0
 

Assisted Solution

by:sunhux
sunhux earned 0 total points
ID: 41871586
Then I should be looking at other aspects of the secure website like
what Pen Test scans do : Tcp timestamp, folders of the IIS is listable
etc
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 250 total points
ID: 41871664
SSL Labs testing makes a lot of requests to the site it is testing.  Some sites reject the requests at times on the basis that it is not a 'normal' method of requesting the site.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now