SSL/TLS Scan Tools

Does anyone know of an quick and easy to use tool that can scan SSL/TLS certificates? I have a number of internal devices that use default self-signed certs and would like to see which ciphers are supported. Ideally I’d like to be able to give it a list of IP’s and generate a report. I can do this with NMAP wondered if there were other options?


I find SSLScan is fast and easy to use. Nessus is another option (not as fast or easy - also limited to what the license allows you to scan).

1 Like

Hi, found the same question on google.

Use openssl and build a script. Change the script to make it fit your purpose.

1 Like

Thanks for the suggestions and pointer!

SSLScan seems to fit the bill. Wrote a simple Powershell script to run against my targeted hosts.

1 Like

Glad I could help. Is your script something you could share here? I know I’d love to see it and I’m sure many others could benefit from it too.

I just started a new job a few weeks ago so let me clear this with my boss. I am sure its ok, but I want to make sure being relatively new. Again its nothing special since I am pretty rusty with Powershell :slight_smile:

No worries, and definitely no pressure. I was just thinking how useful it can be to look at how someone else tackled a problem when you are trying to solve one of your own. Rusty or not, your idea works for you and that is great!