HelpAddonsHttpsinfoHttpsinfo
The HTTPS Info add-on is accessed via the context menu within the Sites Tree or History table. It displays tabs in a status panel, in which various summary information is displayed regarding the target server's HTTPS certificate, and the offered SSL/TLS cipher suites.
This add-on leverages another OWASP project: Deep Violet to perform it's certificate and cipher suite information gathering.
The top portion of a tab is devoted to general details of the SSL/TLS certificate presented by the server. Such as:
- Subject DN
- Signing Algorithm
- Certificate Fingerprint
- Issuer DN
- Validity Dates
- Self-signed Status
- etc.
The bottom portion of a tab is devoted to enumeration/listing of the specific Cipher Suites the target server offers, grouped by handshake protocol (SSLv2, SSLv3, TLSv1, TLSv1.1, etc.).
- Introduction
-
2.0 Add-ons
- Add-ons: Release
- Add-ons: Beta
-
Add-ons: Alpha
-
Active Scan Rules - alpha
-
Access Control Testing
-
All In One Notes
-
Authentication Statistics
- Browser View
- Bug Tracker
-
Code Dx
-
Community Scripts
- Custom Payloads
- Custom Report
- DOM XSS Active Scan Rule
- Export Report
-
Form Handler
-
Groovy Scripting
-
HTTPS Info Add-on
-
Open API Specification Support
-
Passive Scan Rules - alpha
-
Replacer
-
Revisit
-
Server-Sent Events
-
Sequence Scanner
-
Simple Example
-
SOAP Scanner
-
SNI Terminator
-
Technology Detection
-
TLS Debug
-
- Add-on Development
- Add-on Structure
- Add-on Debugging
- Examples
- Upgrade
- Code Structure
- 1.4 Add-ons
(This is work in progress;)