forked from ioerror/sslscan
-
Notifications
You must be signed in to change notification settings - Fork 1
/
TODO
18 lines (16 loc) · 875 Bytes
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Fix the certificate formatting (prefix it with whitespace)
Add support for SOCKS5 proxy (or audit for 'usewithtor')
Add support for SNI:
http://en.wikipedia.org/wiki/Server_Name_Indication
Update man page
Add tests for a given set of hosts that are known to be interesting
Add STARTTLS support for LDAP:
http://www.rfc-editor.org/rfc/rfc2830.txt
Make a Debian package
Merge the Windows port into tip: http://code.google.com/p/sslscan-win/
Send diff from 1.8.2 to the upstream developer
Ensure that output is highlighted for dangerous ciphers (blink, blink)
Throw up sirens if ssl2 is enabled
ciphers from the LOW/EXP/eNULL category are supported for any protocol
renegotiation is allowed on tlsv1 (maybe check if TRACE is supported if it's an http server)
We should explictly check for things that may be NULL; the original author was not very careful.