

TLS Prober – A tool for fingerprint SSL/TLS server implementations - richm44
https://github.com/WestpointLtd/tls_prober

======
worklogin
Cool, I'll have to take a look. Qualys SSL labs has a cool set of tools to
output not only the supported versions/ciphers, but shows what OS/browser
combos would be able to connect to the site.

Good work.

~~~
mortenlarsen
"Supports both pure SSL/TLS protocols like HTTPS and those that use STARTTLS
such as SMTP and POP3."

There exists other reasons than HTTPS to use TLS.

~~~
danimo
Note that rich does not claim anything else. However, there is a fundamental
difference between "initiate TLS connection from byte 0" (as used in HTTPS,
but also IMAPS or SMTPS) and STARTTLS, where the protocol is plain text until
the client issues the STARTTLS command, make makes protocols that were
designed to TLS-enable plain text only protocols such as IMAP and SMTP
(without the 'S'), while keeping the port number.

That was the point of this note. And of course there are even more use cases
for TLS.

~~~
richm44
Yes, please don't think I'm saying that I think protocols that start off as
plain text then upgrade are a good design - I don't. All I mean there is that
I've written the code required to fingerprint the implementation those use
too, by performing the plain text negotiation before each probe.

