Scanning TLS Server Configurations With Burp Suite

In this post, we present our new Burp Suite extension "TLS-Attacker".
Using this extension penetration testers and security researchers can assess the security of TLS server configurations directly from within Burp Suite.
The extension is based on the TLS-Attacker framework and the TLS-Scanner, both of which are developed by the Chair for Network and Data Security.

You can find the latest release of our extension at: https://github.com/RUB-NDS/TLS-Attacker-BurpExtension/releases

TLS-Scanner

Thanks to the seamless integration of the TLS-Scanner into the BurpSuite, the penetration tester only needs to configure a single parameter: the host to be scanned.  After clicking the Scan button, the extension runs the default checks and responds with a report that allows penetration testers to quickly determine potential issues in the server's TLS configuration.  Basic tests check the supported cipher suites and protocol versions.  In addition, several known attacks on TLS are automatically evaluated, including Bleichenbacher's attack, Padding Oracles, and Invalid Curve attacks.

Furthermore, the extension allows fine-tuning for the configuration of the underlying TLS-Scanner.  The two parameters parallelProbes and overallThreads can be used to improve the scan performance (at the cost of increased network load and resource usage).

It is also possible to configure the granularity of the scan using Scan Detail and Danger Level. The level of detail contained in the returned scan report can also be controlled using the Report Detail setting.

Please refer to the GitHub repositories linked above for further details on configuration and usage of TLS-Scanner.

Scan History 

If several hosts are scanned, the Scan History tab keeps track of the preformed scans and is a useful tool when comparing the results of subsequent scans.

Additional functions will follow in later versions

Currently, we are working on integrating an at-a-glance rating mechanism to allow for easily estimating the security of a scanned host's TLS configuration.

This is a combined work of Nurullah Erinola, Nils Engelbertz, David Herring, Juraj Somorovsky, Vladislav Mladenov, and Robert Merget.  The research was supported by the European Commission through the FutureTrust project (grant 700542-Future-Trust-H2020-DS-2015-1).

If you would like to learn more about TLS, Juraj and Robert will give a TLS Training at Ruhrsec on the 27th of May 2019. There are still a few seats left.

Related links

1. Hack Tools For Ubuntu
2. Pentest Tools Website Vulnerability
3. Best Hacking Tools 2020
4. Hacker Tool Kit
5. Pentest Tools Online
6. Hacking Tools For Mac
7. Hacking Tools Windows 10
8. Hacking Tools For Games
9. Pentest Tools For Windows
10. Pentest Tools Find Subdomains
11. Hacking Tools And Software
12. Hacker Tools For Pc
13. Easy Hack Tools
14. Pentest Tools
15. Hacking Tools Mac
16. Pentest Tools Review
17. Wifi Hacker Tools For Windows
18. Pentest Tools Github
19. Hack Tools For Games
20. Hack Apps
21. Hacking Tools Windows
22. Hacker Tools For Ios
23. Physical Pentest Tools
24. Pentest Box Tools Download
25. Pentest Tools Port Scanner
26. Hacker Tools Online
27. Hacking Tools For Games
28. Hacking Tools Windows 10
29. Hacking Tools For Kali Linux
30. Hack Tools Mac
31. Easy Hack Tools
32. Hacking Tools Download
33. Physical Pentest Tools
34. New Hack Tools
35. Pentest Tools Bluekeep
36. Hackers Toolbox
37. Hacking Tools 2019
38. Top Pentest Tools
39. Pentest Tools For Mac
40. Blackhat Hacker Tools
41. Pentest Tools Tcp Port Scanner
42. Blackhat Hacker Tools
43. Hacking Tools 2020
44. Pentest Tools For Ubuntu
45. Hack Tools Download
46. Hacker Tools For Ios
47. Pentest Reporting Tools
48. Nsa Hacker Tools
49. Hacker Tools Apk Download
50. Tools Used For Hacking
51. Blackhat Hacker Tools
52. Pentest Tools Tcp Port Scanner
53. Hacking Tools
54. Hack Tools Download
55. Nsa Hack Tools
56. Game Hacking
57. Hacking Tools For Windows 7
58. Wifi Hacker Tools For Windows
59. Hacking Tools For Windows 7
60. Pentest Tools Free
61. Hack Tools
62. Nsa Hack Tools
63. Tools 4 Hack
64. Hacking Tools Name
65. World No 1 Hacker Software
66. Hack Tools For Games
67. Tools Used For Hacking
68. Blackhat Hacker Tools
69. Pentest Recon Tools
70. Pentest Tools Linux
71. Kik Hack Tools
72. Hacker Tools Mac
73. Underground Hacker Sites
74. Top Pentest Tools
75. Physical Pentest Tools
76. Hacker Tools For Mac
77. Pentest Tools Online
78. Hacking Tools For Kali Linux
79. Hackrf Tools
80. Hacking Tools And Software
81. Hacking Tools Name
82. Hack App
83. Hak5 Tools
84. Tools 4 Hack
85. Pentest Tools Open Source
86. Pentest Recon Tools
87. Pentest Tools Port Scanner
88. Hacker
89. How To Install Pentest Tools In Ubuntu
90. Hacking Tools Pc
91. Hacking Tools
92. Pentest Box Tools Download
93. Pentest Tools Apk
94. Hacking Tools 2019
95. Hack Tools Mac
96. Pentest Tools List
97. Hacking Tools Software
98. Hack Tools Download
99. Game Hacking
100. Hacks And Tools
101. Pentest Tools Github
102. Hacker Tools 2020
103. Free Pentest Tools For Windows
104. Hack Website Online Tool
105. Top Pentest Tools
106. Pentest Tools Free
107. Kik Hack Tools
108. Hack Tool Apk No Root
109. Beginner Hacker Tools
110. How To Make Hacking Tools
111. Hack Tools
112. Pentest Tools Kali Linux
113. Pentest Tools Nmap
114. Hack Tools Github
115. Hack Apps
116. Game Hacking
117. Pentest Tools Subdomain
118. Hacker Tool Kit
119. Hacker Hardware Tools
120. Tools 4 Hack
121. Hacker Tools Online
122. Pentest Tools Github
123. Hack Tool Apk No Root
124. Hacking Tools For Beginners
125. Pentest Tools Tcp Port Scanner
126. Hacking Tools For Windows
127. What Is Hacking Tools
128. Hackrf Tools
129. Hacking Tools
130. Wifi Hacker Tools For Windows
131. Hack Tool Apk
132. Hacking Tools Mac
133. Growth Hacker Tools
134. Hack Tools Pc
135. Pentest Tools Url Fuzzer
136. Game Hacking
137. Hacking Tools Software
138. Hack Tool Apk
139. Hacking Tools Online
140. Hacking Tools Usb