testssl.sh
CLI probe of TLS/SSL ciphers, protocols, headers, and common misconfigurations on any TCP listener.
Why it is included
Portable bash/openssl approach beloved for quick TLS posture snapshots.
Best for
External and internal TLS reviews in authorized scans.
Strengths
- No Java
- Clear output
- CI friendly
Limitations
- Active probing—coordinate rate and scope
Good alternatives
SSL Labs API · sslscan
Related tools
Security & Privacy
Nmap
Network discovery and security auditing scanner with scripting (NSE) and OS fingerprinting.
Security & Privacy
OWASP ZAP
OWASP flagship web app scanner and proxy: automated checks, manual request tampering, scripting, and CI integrations.
Security & Privacy
OpenSSL
TLS and cryptography toolkit underpinning HTTPS, SSH adjacency, and certificate workflows.
Security & Privacy
mitmproxy
Interactive TLS-capable HTTP(S) proxy with console, web, and scriptable interception.
Security & Privacy
Hashcat
GPU-accelerated password recovery and hash cracking supporting hundreds of algorithms and attack modes.
Security & Privacy
Metasploit Framework
Modular exploitation framework with payloads, encoders, auxiliaries, and integration points for exploit development.