Seccubus now supports scanning via the Qualys SSL labs API

24 February 2015

Personally I have always been a fan of Ivan Ristić’s Qualys SSL labs a site that allows you to evaluate the quality of your SSL Labs configuraiton and the defacto gold standard when it comes to judging SSL setups.

That is why I added support for SSL Labs in version 2.9 of seccubus. At that time I implemented the feature by scraping the SSL Labs website. While scraping wasn’t prohibited, is sure was cumbersome and fragile, and it did actually break

Fortune has it that Ivan release an API for SSL Labs shortly after I released v2.9.

This version of Seccubus has a new SSL Labs scanner plugin that uses the SSL labs API

You can download the new version here

Release notes

24-02-2015 - 2.14 - SSL labs API

The SSL labs scanner now uses the SSL labs API (see https://github.com/ssllabs/ssllabs-scan/blob/master/ssllabs-api-docs.md) to check the SSL configuration of your website in stead of scraping the site.

Bug Fixes

  • No additional bugfixes