Crypto & TLS Testing
testssl.sh, sslyze, jwt_tool — auditing TLS, JWTs, and weak crypto in the wild.
The boring-but-important part of security: is your TLS configured correctly, are your JWTs not signed with none, are your cert chains complete? For dev-side JWT libraries see Crypto & JWT. For PKI / cert mgmt see PKI & Cert Management. For password / hash cracking see Password Cracking.
TLS / SSL configuration audit
- ★ ★ testssl.sh — bash; thorough TLS audit; cipher suites, certificate, vulns (Heartbleed, ROBOT, BEAST, POODLE, CRIME, BREACH, Logjam, FREAK), SNI, OCSP. Single binary, no install. Free.
- ★ sslyze — Python; faster, machine-readable; great for CI. Free.
- Qualys SSL Labs —
https://www.ssllabs.com/ssltest/— free hosted scan; A/A+ grading; web only. - CryptCheck — free hosted; covers HTTPS / SMTP / IMAP / XMPP.
- Hardenize — multi-protocol audit; free.
- Nmap NSE —
--script ssl-enum-ciphers,ssl-cert,ssl-dh-params,ssl-known-key; great for batch scanning many hosts. - Caddy / Lego / acme.sh — for getting a proper cert in the first place; see PKI & Cert Management.
Cert handling
- ★ OpenSSL CLI — the universal swiss-army;
openssl s_client -connect,openssl x509 -text,openssl req, etc. - mkcert — local-CA tool for dev; cleanly trusted by browsers.
- certbot / lego / acme.sh — Let's Encrypt clients.
- smallstep CLI (
step) — modern PKI; great for internal CA + ACME. - CFSSL (Cloudflare) — internal PKI tooling.
TLS Mutual / mTLS
- See PKI & Cert Management — smallstep / Vault / cert-manager.
- mtlscan / smtlscan — niche audit tools.
JWT auditing
- ★ jwt_tool (ticarpi) — JWT swiss-army: decode, alg-confusion (
none,HS256→RS256), kid traversal, blank-signature, weak-secret brute. Free. - jwt-cracker (Pythonic / Node) — HS256 secret recovery against a weak secret list.
- John the Ripper jwt mode — see Password Cracking.
- Hashcat 16500 — JWT HS256 mode.
- jwt.io — interactive decoder (paste tokens; remember they leak through the browser).
- Burp JWT Editor — Burp Pro extension; the standard hands-on tool. See Web App Testing.
Common JWT issues to test for
- ★
alg: noneaccepted. - ★ HS256 ↔ RS256 algorithm-confusion (signing with the public key).
- Weak HS256 secret (< 16 bytes / dictionary).
kidparameter SQLi / path traversal.jku/x5uheader attacks (server fetches your URL).- Missing
exp/iss/audchecks. - Replay (no
jtitracking). - Algorithm not pinned server-side.
Password / KDF testing
- ★ Hashcat / John the Ripper — see Password Cracking.
- scrypt-Bench / argon2-cli — verify your KDF parameters are tuned reasonably (target ≥ 250 ms on prod hardware).
- HIBP API /
Pwned-Passwords— see Bot Protection for breached-password lists.
Crypto-API anti-pattern hunters
- CodeQL queries for "AES ECB mode," "MD5 / SHA1 in security context," "static IV." See Security Scanning.
- Semgrep crypto pack — community rules.
- CryptoREPL / crypto-attacks repo — for learning.
Common implementation pitfalls
- ★ AES-ECB used anywhere — never appropriate.
- ★ CBC without HMAC — use AES-GCM or chacha20-poly1305.
- Static IV / nonce reuse — catastrophic in GCM / CTR.
- MD5 / SHA1 for security — broken; use SHA-256 / SHA-3.
- Roll-your-own crypto — almost always wrong.
- Constant-time comparisons —
crypto.timingSafeEqual(Node),subtle(browser),hmac.compare_digest(Python). - PBKDF2 with too-low rounds — should be ≥ 600k for SHA-256 in 2026.
RSA / classical attacks
- RsaCtfTool — Wiener, Fermat, common-modulus, low-public-exponent. See CTF Tools.
- featherduster — automated classical crypto.
- sage / pycryptodome / gmpy2 — number theory glue.
TLS-side test infrastructure
- mitmproxy — see Web App Testing.
- Caddy + automatic-HTTPS — used in lab to terminate TLS quickly.
- bettercap / ssldump — packet inspection.
- DNS RPZ / DoH / DoT testing — see DNS Infrastructure.
Pick this if…
- Default TLS audit (single binary, free): testssl.sh.
- CI-friendly TLS audit: sslyze.
- Free hosted A/A+ check: Qualys SSL Labs.
- JWT testing: jwt_tool + Burp JWT Editor extension.
- JWT secret cracking: Hashcat 16500.
- Internal PKI: smallstep + ACME.
- Hash strength check: Hashcat / John on representative samples.