sslautoanalyzer
sslautoanalyzer.rb is a script designed to analyze the output of sslyze reports and provide a concise spreadsheet with some of the common issues highlighted. It's very much in development at the moment, so I wouldn't 100% rely on it, but it should provide some useful information.
The idea is that if you have a large number of SSL servers to review, manually assessing them all can be time consuming, so a summary view of the information presented could be useful.
The script works on sslyze's XML output so, you need to pass the --xml_out=XML_FILE parameter to it when you run it to get the relevant input file(s) for sslautoanalyzer.
If you've cloned the TestingScripts repository, doing a bundle install in that directory should install the relevant ruby gems. If you got the script on its own, you should install nokogiri and rubyXL which shouldbe the only external gems needed.
The output of the script is divided into three tabs (Certificate issues, Cipher issues and Protocol Issues). Where the check is a True/False, "bad" results are coded in red and "good" in green, for other checks data is provided.
here's an example
The analyzer can run on either a single file (specified with the -f switch) or on a directory where there are several sslyze XML output files (using the -d switch)
The other switch on the script is -r which specifies the name for the report. sslautoanalyzer will overwrite where it finds an existing name, so be careful with that 😄