http://www.exploresecurity.com/testing-for-cipher-suite-preference/ IT security tools, techniques and commentary Sun, 07 Sep 2025 03:12:25 +0000 hourly 1 http://wordpress.org/?v=3.6.1 http://www.exploresecurity.com/testing-for-cipher-suite-preference/#comment-91385 Jerome Mon, 01 Sep 2025 08:46:18 +0000 http://www.exploresecurity.com/?p=296#comment-91385 Clearly manual testing is much slower. That’s why a tool is useful. Manual testing is used to provide definitive evidence of a particular result from an automated tool. For certain types of vulnerability, however, it’s not possible to test using something like OpenSSL out-of-the-box because obviously it is not designed to send malformed packets. As you can tell from the date of this post (and other posts in the same category) it’s been some time since I last looked at this area. The tools mentioned in this post may not be best-in-class. In general, for any tool you are relying on, it’s useful to read the docs so you know what its capabilities and limitations are, and then try it out against known targets i.e. a server you’ve configured. Additionally, as in this post, running two tools to ensure there is agreement is a good way to try to eliminate errors. Any discrepancy can be followed up with manual testing. Hope that’s useful.

]]> http://www.exploresecurity.com/testing-for-cipher-suite-preference/#comment-91370 Desain Thu, 21 Aug 2025 12:40:55 +0000 http://www.exploresecurity.com/?p=296#comment-91370 How thorough is this manual testing method compared to automated tools like ssl-enum-ciphers in Nmap?

]]>