-
Notifications
You must be signed in to change notification settings - Fork 1
HelpAddonsHttpsinfoHttpsinfo
The HTTPS Info add-on is accessed via the context menu within the Sites Tree or History table. It displays a dialog in which various summary information is displayed regarding the target server's HTTPS configuration, and the offered SSL/TLS cipher suites.
The top portion of the dialog is devoted to general details of the SSL/TLS configuration. Such as:
- Minimum Cipher Strength
- Maximum Cipher Strength
- Compression Support
- BEAST Status (Vulnerable/Protected)
- CRIME Status (Vulnerable/Protected)
If vulnerabilities are detected then Alerts are raised.
The bottom portion of the dialog is devoted to enumeration/listing of the specific Cipher Suites the target server offers, grouped by protocol (SSLv2, SSLv3, TLSv1, TLSv1.1, etc.). The "Determine Server Preference" button iterates through the list of available Cipher Suites in order to determine the order with which the server would "prefer" to select Cipher Suites.
- Introduction
-
2.0 Add-ons
- Add-ons: Release
- Add-ons: Beta
-
Add-ons: Alpha
- Active Scan Rules - alpha
- Access Control Testing
- All In One Notes
- Authentication Statistics
- Browser View
- Bug Tracker
- Code Dx
- Community Scripts
- Custom Payloads
- Custom Report
- DOM XSS Active Scan Rule
- Export Report
- Form Handler
- Groovy Scripting
- HTTPS Info Add-on
- Open API Specification Support
- Passive Scan Rules - alpha
- Replacer
- Revisit
- Server-Sent Events
- Sequence Scanner
- Simple Example
- SOAP Scanner
- SNI Terminator
- Technology Detection
- TLS Debug
- Add-on Development
- Add-on Structure
- Add-on Debugging
- Examples
- Upgrade
- Code Structure
- 1.4 Add-ons
(This is work in progress;)