https://github.com/alexandre-meline/lts-scan

LTS scan is a lightweight and asynchronous command-line tool for scanning SSL/TLS configurations using the Qualys SSL Labs API. It supports bulk domain scanning with output in CSV or JSON formats, making it ideal for audits, compliance, and cybersecurity monitoring.
https://github.com/alexandre-meline/lts-scan

command-line-tool cybersecurity https python qualys reporting security ssl ssl-labs ssl-scan tls

Last synced: 4 months ago
JSON representation

LTS scan is a lightweight and asynchronous command-line tool for scanning SSL/TLS configurations using the Qualys SSL Labs API. It supports bulk domain scanning with output in CSV or JSON formats, making it ideal for audits, compliance, and cybersecurity monitoring.

• Host: GitHub
• URL: https://github.com/alexandre-meline/lts-scan
• Owner: alexandre-meline
• License: mit
• Created: 2025-04-16T12:23:07.000Z (9 months ago)
• Default Branch: master
• Last Pushed: 2025-04-18T09:04:39.000Z (9 months ago)
• Last Synced: 2025-06-01T09:41:46.285Z (8 months ago)
• Topics: command-line-tool, cybersecurity, https, python, qualys, reporting, security, ssl, ssl-labs, ssl-scan, tls
• Language: Python
• Homepage:
• Size: 81.1 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# LTS scan

**lts-scan** is a command-line tool written in Python that leverages the [Qualys SSL Labs API](https://api.ssllabs.com) to scan and evaluate SSL/TLS configurations of websites.  

It supports multiple hosts, retry logic, and output in CSV or JSON formats.

---

## ✨ Features

- Asynchronous scans using `asyncio` and `aiohttp`

- Retry mechanism for API failures

- Supports both CSV and JSON output

- Automatically waits until scan status is `READY` or `ERROR`

- Command-line options for customization

- Clear and readable logs

---

## 🚀 Installation

You can install `lts-scan` from [PyPI](https://pypi.org/project/lts-scan/) using pip:

```bash

pip install lts-scan

```

Or from source we recommend using [Poetry](https://python-poetry.org/) for managing dependencies and environments.

```bash

git clone https://github.com/alexandre-meline/lts-scan.git

cd lts-scan

poetry install

```

## 🧪 Usage

Create a hosts.txt file with one domain per line:

```bash

google.com

github.com

expired.badssl.com

```

Then run the tool:

```bash

lts-scan --input hosts.txt --output results.csv

```

You can customize the output format:

```bash

lts-scan --input hosts.txt --output results.json --format json

```

### 🔧 Command-line options

| Option | Description | Default |

| --- | --- | --- |

| `--input` | Path to the input file containing hosts |_required_ |

| `--output` | Path to the output file | _required_ |

| `--format` | Output format: `csv` or `json` | `csv` |

| `--retries` | Number of retry attempts on request failure | `3` |

| `--delay` | Delay (in seconds) between retries | `10` |

## 📄 Output Examples

CSV

```csv

host,status,startTime,testTime,ipAddress,grade

example.com,READY,1681234567890,1681237890123,93.184.216.34,A

```

JSON

```json

[

  {

    "host": "example.com",

    "status": "READY",

    "startTime": 1681234567890,

    "testTime": 1681237890123,

    "endpoints": [

      {

        "ipAddress": "93.184.216.34",

        "grade": "A"

      }

    ]

  }

]

```

## 📋 License

This project is licensed under the MIT License.

## 🙌 Acknowledgements

- [Qualys SSL Labs API](https://www.ssllabs.com/)

## 💡 Future Improvements

- Parallel host scanning

- Export to HTML or PDF

## 🤝 Contributions

Pull requests and suggestions are welcome! Please open an issue or submit a PR to help improve the tool.