

TLS-O-MATIC – self TLS testing for web apps - eloycoto
http://www.tls-o-matic.com/

======
y0ghur7_xxx
With all those TLS vulnerabilities coming out in the last months, i start to
wonder, is there a tool that allows me to test those vulnerabilities? For
example when the "basicConstraints" man-in-the-middle attack came out, moxie
wrote sslsniff to demonstrate it. sslsniff has then be updated to exploit some
more vulnerabilities, but are there any demos of FREAK, BEAST, CRIME or any
other being exploited to demonstrate this attacks?

~~~
abarringer
try [https://www.ssllabs.com/ssltest/](https://www.ssllabs.com/ssltest/)

It tests for those and many more ssl configuration errors.

~~~
y0ghur7_xxx
ssllabs test just checks your server for common ssl related problems, it does
not allow you to actively exploit ssl bugs like FREAK or BEAST

