SharpTLSScan v1.2

Edit March 16, 2015: Updated to v1.4.

SharpTLSScan has been upgraded to version 1.2.  You can download the executable from this post, or you can find the source on Github.

Version 1.2 adds some visual enhancements, such as having the protocol versions grouped together instead of interleaved in the output.  This is because each separate protocol scan (SSLv3, TLS1.0, TLSv1.1, TLS1.2,) executes on a separate thread, (the SSLv2 scan is different than the others so it runs by itself,) and each thread would be sending output to the screen simultaneously, causing the results from separate threads to be mixed together.  Now we wait until all threads are finished and display the output all once, meaning the results are grouped together properly again.  As a consequence of this, I added a little "Working..." status indicator so that the user doesn't feel like the program is just hung while it's performing its tests.

The one thing that I would really like to add in the future, is something to the certificate validation callback routine that can check for the existence of a discrete signature algorithm in the certificate. (Such as "sha256NoSign")  Certutil.exe -dump can do it just fine, but I have not yet figured out how to emulate the behavior from C#.

Download v1.4

Comments are closed