{"id":13587990,"url":"https://github.com/jumanjihouse/docker-testssl","last_synced_at":"2026-01-04T00:48:58.882Z","repository":{"id":2116140,"uuid":"42691396","full_name":"jumanjihouse/docker-testssl","owner":"jumanjihouse","description":"http://testssl.sh/ in a tiny docker container","archived":false,"fork":false,"pushed_at":"2024-07-22T22:42:42.000Z","size":187,"stargazers_count":21,"open_issues_count":3,"forks_count":9,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-11-06T07:40:03.901Z","etag":null,"topics":["bigip","caa","cipher","crime","ct","docker","drown","freak","heartbleed","hpkp","hsts","logjam","ocsp","poodle","rc4","scanner","security-tools","socket","ticketbleed","tls"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jumanjihouse.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-09-18T01:09:25.000Z","updated_at":"2023-11-24T18:06:41.000Z","dependencies_parsed_at":"2024-11-06T07:33:09.554Z","dependency_job_id":"3c358341-1c96-40df-990e-d93603ea2831","html_url":"https://github.com/jumanjihouse/docker-testssl","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jumanjihouse%2Fdocker-testssl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jumanjihouse%2Fdocker-testssl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jumanjihouse%2Fdocker-testssl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jumanjihouse%2Fdocker-testssl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jumanjihouse","download_url":"https://codeload.github.com/jumanjihouse/docker-testssl/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247765083,"owners_count":20992231,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bigip","caa","cipher","crime","ct","docker","drown","freak","heartbleed","hpkp","hsts","logjam","ocsp","poodle","rc4","scanner","security-tools","socket","ticketbleed","tls"],"created_at":"2024-08-01T15:06:27.384Z","updated_at":"2026-01-04T00:48:58.841Z","avatar_url":"https://github.com/jumanjihouse.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"Test TLS/SSL of arbitrary services and ports\n============================================\n\n- [Overview](#overview)\n- [How-To](#how-to)\n  - [Pull an already-built image](#pull-an-already-built-image)\n  - [Run the image](#run-the-image)\n  - [Build and test images locally](#build-and-test-images-locally)\n  - [View labels](#view-labels)\n  - [Contribute](#contribute)\n- [About the build](#about-the-build)\n- [Stale tags](#stale-tags)\n- [Operational status of SaaS providers](#operational-status-of-saas-providers)\n- [License](#license)\n\n\nOverview\n--------\n\nThis repo provides docker images for `testssl.sh`,\na free command line tool to check a service\non any port for the support of TLS/SSL ciphers,\nprotocols, recent cryptographic flaws, and more.\nEach image provides everything needed to run\n`testssl.sh` the way upstream intends it to be run.\n\nBuild status for master branch: [![Circle CI](https://circleci.com/gh/jumanjihouse/docker-testssl/tree/master.svg?style=svg\u0026circle-token=21344117bb3bc61b8096a1a1b76514ab7b8a3f85)](https://circleci.com/gh/jumanjihouse/docker-testssl/tree/master)\u003cbr/\u003e\nDocker image: https://quay.io/repository/jumanjiman/testssl\u003cbr/\u003e\nDocker source: https://github.com/jumanjihouse/docker-testssl\u003cbr/\u003e\nUpstream source: https://github.com/drwetter/testssl.sh\u003cbr/\u003e\n\n:warning: The **latest** tag at quay refers to the **stable** version.\n\n\nHow-To\n------\n\n### Pull an already-built image\n\n    docker pull quay.io/jumanjiman/testssl\n\n\n### Run the image\n\nYou can run the image using the [`docker-compose.yaml`](docker-compose.yaml)\nfile in this git repo:\n\n    # Show help.\n    docker-compose run testssl --help\n\n    # Do a limited scan with a subset of options against one host.\n    docker-compose run testssl --heartbleed --ip one https://www.google.com/\n\n\nYou can also run the image with the `docker` command directly:\n\n    run_opts=\"\n    -i\n    -t\n    --rm\n    --read-only\n    --cap-drop     all\n    --memory       100M\n    --pids-limit   1000\n    --cpu-shares   512\n    \"\n\n    docker run ${run_opts} quay.io/jumanjiman/testssl --help\n\nThe above examples use `--read-only` and `--cap-drop all` as recommended by the\nCIS Docker Security Benchmarks:\n\n* [CIS Security Benchmark for Docker 1.6](https://benchmarks.cisecurity.org/tools2/docker/CIS_Docker_1.6_Benchmark_v1.0.0.pdf)\n* [CIS Security Benchmark for Docker 1.11](https://benchmarks.cisecurity.org/tools2/docker/CIS_Docker_1.11.0_Benchmark_v1.0.0.pdf)\n* [CIS Security Benchmark for Docker 1.12](https://benchmarks.cisecurity.org/tools2/docker/CIS_Docker_1.12.0_Benchmark_v1.0.0.pdf)\n* [CIS Security Benchmark for Docker 1.13](https://benchmarks.cisecurity.org/tools2/docker/CIS_Docker_1.13.0_Benchmark_v1.0.0.pdf)\n\n\n### Build and test images locally\n\n:warning: All build configuration variables are in [`ci/build`](ci/build).\n\nOn a host, such as devenv:\n\n    # Optional. Your URL may vary.\n    export DOCKER_HOST=tcp://192.168.254.162:2375\n\n    # Build images.\n    ci/build\n\n    # Run the tests.\n    ci/test\n\nNote: The test harness requires Python and the `pip` command.\n\n\n### View labels\n\nEach built image has labels that generally follow http://label-schema.org/\n\nWe add a label, `ci-build-url`, that is not currently part of the schema.\nThis extra label provides a permanent link to the CI build for the image.\n\nView the ci-build-url label on a built image:\n\n    docker inspect \\\n      -f '{{ index .Config.Labels \"io.github.jumanjiman.ci-build-url\" }}' \\\n      quay.io/jumanjiman/testssl\n\nQuery all the labels inside a built image:\n\n    docker inspect quay.io/jumanjiman/testssl | jq -M '.[].Config.Labels'\n\n\n### Contribute\n\nFork [this repo](https://github.com/jumanjihouse/docker-testssl)\nand see [CONTRIBUTING.md](CONTRIBUTING.md).\n\n:warning: All build configuration variables are in [`ci/build`](ci/build).\n\n\nAbout the build\n---------------\n\n`ci/build` uses `docker-compose` to create a \"base\" image\nthat contains the statically-linked version of openssl from\n[https://testssl.sh/](https://testssl.sh/).\nFrom the common base, `ci/build` creates two runtime images:\n\n* **stable** version of the `testssl.sh` script\n* **dev** version of the `testssl.sh` script\n\nWhen the build happens against the master branch on CircleCI,\nthe `ci/publish` script pushes both the stable and dev images to\n[Quay.io](https://quay.io/repository/jumanjiman/testssl?tab=tags).\nIt also pushes a \"latest\" tag, which refers to the stable version.\n\n\nStale tags\n----------\n\nOld images tend to have vulnerabilities.\u003cbr/\u003e\nQuay has a feature to use a special label, `quay.expires-after`, to expire tags.\nThis repo applies the label to images so that old images get deleted automatically.\n\nSee https://support.coreos.com/hc/en-us/articles/115001384693-Tag-Expiration\nfor more information about the Quay feature.\u003cbr/\u003e\nSee [src/Dockerfile](src/Dockerfile) for the current value of the label.\n\n:warning: This is a Quay feature, not a docker feature.\n\n\nOperational status of SaaS providers\n------------------------------------\n\nCircleCI: [http://status.circleci.com/](http://status.circleci.com/)\n\nQuay registry: [http://status.quay.io/](http://status.quay.io/)\n\n\nLicense\n-------\n\nThis repo, testssl, and openssl are licensed under the GPLv2.\nSee [LICENSE](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjumanjihouse%2Fdocker-testssl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjumanjihouse%2Fdocker-testssl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjumanjihouse%2Fdocker-testssl/lists"}