{"id":24526069,"url":"https://github.com/zhuima/rust-testssl","last_synced_at":"2025-03-15T15:41:21.036Z","repository":{"id":269409140,"uuid":"907322734","full_name":"zhuima/rust-testssl","owner":"zhuima","description":null,"archived":false,"fork":false,"pushed_at":"2024-12-23T12:40:39.000Z","size":41,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-22T05:31:51.064Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zhuima.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-12-23T10:23:47.000Z","updated_at":"2024-12-23T12:40:42.000Z","dependencies_parsed_at":"2024-12-23T11:30:56.330Z","dependency_job_id":"ac1ded88-ea46-4fa8-8874-7e8d9b4a28f3","html_url":"https://github.com/zhuima/rust-testssl","commit_stats":null,"previous_names":["zhuima/rust-testssl"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhuima%2Frust-testssl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhuima%2Frust-testssl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhuima%2Frust-testssl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhuima%2Frust-testssl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zhuima","download_url":"https://codeload.github.com/zhuima/rust-testssl/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243753989,"owners_count":20342537,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-22T05:29:39.385Z","updated_at":"2025-03-15T15:41:21.017Z","avatar_url":"https://github.com/zhuima.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Rust-TestSSL\n\nA Rust implementation of the popular [testssl.sh](https://github.com/drwetter/testssl.sh) tool for testing TLS/SSL security and configuration.\n\n## Project Structure\n\n```\nsrc/\n├── errors.rs              # Error handling\n├── lib.rs                 # Library entry\n├── main.rs                # Main program entry\n├── output.rs              # Output formatting\n├── rating.rs              # Rating system\n├── scanner/               # Core scanning functionality\n│   ├── network/          # Network-related scanning\n│   │   ├── dns_scanner.rs\n│   │   ├── http_scanner.rs\n│   │   ├── mod.rs\n│   │   └── tls_scanner.rs\n│   ├── security/         # Security-related scanning\n│   │   ├── mod.rs\n│   │   └── vulnerability_scanner.rs\n│   ├── simulation/       # Client simulation\n│   │   ├── mod.rs\n│   │   └── client_simulation.rs\n│   ├── tls/             # TLS-related scanning\n│   │   ├── forward_secrecy_scanner.rs\n│   │   ├── mod.rs\n│   │   └── server_defaults_scanner.rs\n│   └── mod.rs\n```\n\n## Core Components\n\n### Network Scanning (scanner/network/)\n- **DNS Scanner**: Domain resolution and DNS record checks\n- **HTTP Scanner**: HTTP security headers inspection\n- **TLS Scanner**: TLS protocol versions and configuration checks\n\n### Security Scanning (scanner/security/)\n- **Vulnerability Scanner**: Detection of common SSL/TLS vulnerabilities\n  - Heartbleed\n  - CCS Injection\n  - ROBOT\n  - BEAST\n  - POODLE\n  - And more...\n\n### TLS Scanning (scanner/tls/)\n- **Forward Secrecy Scanner**: Tests for forward secrecy support\n  - Cipher suite analysis\n  - Key exchange algorithms\n  - Signature algorithms\n  - Elliptic curves support\n\n- **Server Defaults Scanner**: Checks server configuration\n  - TLS extensions\n  - Session resumption\n  - Certificate details\n  - OCSP stapling\n  - Certificate transparency\n\n### Client Simulation (scanner/simulation/)\n- Simulates various client behaviors\n- Tests compatibility with different browsers and platforms\n- Checks protocol and cipher suite negotiations\n\n## Supporting Modules\n\n### certificates/\n- Certificate chain validation\n- Certificate information extraction\n- OCSP status checking\n- CT log verification\n\n### ciphers/\n- Cipher suite detection\n- Priority analysis\n- Key exchange algorithm testing\n\n### protocols/\n- TLS/SSL version support detection\n- Protocol downgrade protection\n- Protocol extension analysis\n\n### rating/\n- Security scoring system\n- Configuration assessment\n- Best practices evaluation\n\n## Development Status\n\n- [x] Basic framework\n- [x] TLS connection establishment\n- [x] Certificate analysis\n- [x] Client simulation\n- [x] DNS scanning\n- [x] HTTP security headers\n- [ ] Complete vulnerability scanning\n- [ ] Comprehensive testing\n\n## Contributing\n\n1. Follow Rust coding standards\n2. Add necessary test cases\n3. Update relevant documentation\n4. Test locally before submitting PR\n\n## License\n\nMIT","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzhuima%2Frust-testssl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzhuima%2Frust-testssl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzhuima%2Frust-testssl/lists"}