performing-ssl-tls-security-assessment

Solid

Assess SSL/TLS server configurations using the sslyze Python library to evaluate cipher suites, certificate chains, protocol versions, HSTS headers, and known vulnerabilities like Heartbleed and ROBOT.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 97/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
80
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Performing SSL/TLS Security Assessment ## Overview Assess SSL/TLS server configurations using sslyze, a fast Python-based scanning library. This skill covers evaluating supported protocol versions (SSLv2/3, TLS 1.0-1.3), cipher suite strength, certificate chain validation, HSTS enforcement, OCSP stapling, and scanning for known vulnerabilities including Heartbleed, ROBOT, and session renegotiation weaknesses. ## When to Use - When conducting security assessments that involve performing ssl tls security assessment - When following incident response procedures for related security events - When performing scheduled security testing or auditing activities - When validating security controls through hands-on testing ## Prerequisites - Python 3.9+ with `sslyze` library (pip install sslyze) - Network access to target HTTPS servers on port 443 - Understanding of TLS protocol versions and cipher suite classifications ## Steps ### Step 1: Configure Server Scan Create ServerScanRequest with ServerNetworkLocation specifying target hostname and port. ### Step 2: Execute TLS Scan Use sslyze Scanner to queue and execute scans for all TLS check commands concurrently. ### Step 3: Analyze Results Evaluate accepted cipher suites, certificate validity, protocol versions, and vulnerability scan results. ### Step 4: Generate Security Report Produce a JSON report with compliance findings and remediation recommendations. ## Expected Output JSON report with supported protocols, accep...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

Code & Development Solid

cryptographic-analysis--assessment

SSL/TLS auditing, cipher suite analysis, hash algorithm identification, encryption implementation review, and cryptographic weakness detection in code

47 Updated today
Masriyan
AI & Automation Featured

performing-ssl-tls-inspection-configuration

Configure SSL/TLS inspection on network security devices to decrypt, inspect, and re-encrypt HTTPS traffic for threat detection while managing certificates, exemptions, and privacy compliance.

12,642 Updated today
mukul975
AI & Automation Featured

configuring-tls-1-3-for-secure-communications

TLS 1.3 (RFC 8446) is the latest version of the Transport Layer Security protocol, providing significant improvements over TLS 1.2 in both security and performance. It reduces handshake latency to 1-R

12,642 Updated today
mukul975
AI & Automation Solid

tls-security

Expert skill for TLS/SSL implementation and certificate management. Generate and validate TLS configurations, create and manage X.509 certificates, analyze cipher suite security, debug TLS handshake failures, and implement certificate pinning.

1,034 Updated today
a5c-ai
AI & Automation Featured

performing-bluetooth-security-assessment

Assess Bluetooth Low Energy device security by scanning, enumerating GATT services, and detecting vulnerabilities

12,642 Updated today
mukul975