Thursday, December 25, 2014

SSL Breacher Update

- SSL LABs scan support; its PDF report will be saved [required WKHTMLTOPDF]
- Updated Firefox root cert
- All dependencies (Java,Python,WKHTMLPDF) are bundled together in Windows platform and can be activated via breacher64.cmd
- Result outputs are now moved to /output/{host} folder
- Added bash scripts for scanning hosts in file (, breacher64_filelist.cmd)

Medium-strength ciphers check for high-security required sites

Improved check for FS cipher and GCM/CCM mode ciphers by reporting exception if not in server's preferred ciphers

Added POODLE vulnerability check
Fixed bug in HTTP elements embedded in SSL page
Introduced breacher.config to select all  (default) or desired SSL checks

Added warning for SHA1 hashing algorithm in certificate check -
Fixed bug in hostname validation
Fixed bug in scanning problems in certain hosts due to limited ciphers enabled

Fix bug in caching control header check

Fix in raising exception when scanning sites such as

Fix in HSTS incorrect parsing error
Added more error check in dependencies requirements