5 Steps To Install Sslscan On Kali Linux

5 Steps To Install Sslscan On Kali Linux

As you know, Kali Linux is one of the most popular security operating systems that has many tools. One of these tools is the SSLScan tool, which is using to check the SSL of websites. In this article, we are going to explain to you 5 Steps To Install Sslscan On Kali Linux. If you want to buy a Linux VPS server, you can visit the packages offered on the Eldernode website.

Recommended Article: How To Install And Use Yersinia On Kali Linux

What is Sslscan?

SSLScan is open-source and is available by default in Kali Linux. Using this tool, you can do various things on the service. The first thing you can do is to identify the SSL version used. In the next steps you can find the type of encryption and many other information about the SSL used.

Some people think that just using HTTPS with SSL/TLS encryption is complete security and any hacker who tries to eavesdrop will only get a bunch of meaningless data and numbers. This issue is not certain. HTTPS servers must be properly configured to provide a strong level of encryption and protect users and their transmitted data against MITM attacks. There are a number of vulnerabilities in the implementation and design of the SSL protocol that can be identified. As a result, secure communication testing is mandatory and one of the essentials of penetration testing.

How to Install Sslscan On Kali Linux

Sslscan tool is available by default on Kali Linux. But in the rest of this article, we will teach you the 5 basic steps to install Sslscan on Kali Linux.

1) Dependencies to Install Sslscan

Before we want to learn how to install Sslscan, it is necessary to have the required dependencies to run this tool. These prerequisites are:

- libc6
- zlib1g

2) Install Sslscan

In this section, we are going to show you how to install Sslscan on Kali Linux. It is possible to do this simply by running the following command in kali terminal. Note that SSLScan is designed to be easy, clean and fast.

sudo apt install sslscan

3) How to use Sslscan

Now that you have successfully installed Sslscan, it’s time to use it. You can do this by running the following command:

sslscan -h
sslscan [options] [host:port | host]

4) Options used in Sslscan

In this section, we are going to introduce Sslscan options to you. You can do what you need using these options:

–targets=<file> A file containing a list of hosts to check. Hosts can be supplied with ports (host:port)
–sni-name=<name> Hostname for SNI
–ipv4, -4 Only use IPv4
–ipv6, -6 Only use IPv6

–show-certificate Show full certificate information
–show-client-cas Show trusted CAs for TLS client auth
–no-check-certificate Don’t warn about weak certificate algorithm or keys
–ocsp Request OCSP response from server
–pk=<file> A file containing the private key or a PKCS#12 file containing a private key/certificate pair
–pkpass=<password> The password for the private key or PKCS#12 file
–certs=<file> A file containing PEM/ASN1 formatted client certificates

–ssl2 Only check if SSLv2 is enabled
–ssl3 Only check if SSLv3 is enabled
–tls10 Only check TLSv1.0 ciphers
–tls11 Only check TLSv1.1 ciphers
–tls12 Only check TLSv1.2 ciphers
–tls13 Only check TLSv1.3 ciphers
–tlsall Only check TLS ciphers (all versions)
–show-ciphers Show supported client ciphers
–show-cipher-ids Show cipher ids
–iana-names Use IANA/RFC cipher names rather than OpenSSL ones
–show-times Show handhake times in milliseconds

–no-cipher-details Disable EC curve names and EDH/RSA key lengths output
–no-ciphersuites Do not check for supported ciphersuites
–no-compression Do not check for TLS compression (CRIME)
–no-fallback Do not check for TLS Fallback SCSV
–no-groups Do not enumerate key exchange groups
–no-heartbleed Do not check for OpenSSL Heartbleed (CVE-2014-0160)
–no-renegotiation Do not check for TLS renegotiation
–show-sigs Enumerate signature algorithms

–starttls-ftp STARTTLS setup for FTP
–starttls-imap STARTTLS setup for IMAP
–starttls-irc STARTTLS setup for IRC
–starttls-ldap STARTTLS setup for LDAP
–starttls-mysql STARTTLS setup for MYSQL
–starttls-pop3 STARTTLS setup for POP3
–starttls-psql STARTTLS setup for PostgreSQL
–starttls-smtp STARTTLS setup for SMTP
–starttls-xmpp STARTTLS setup for XMPP
–xmpp-server Use a server-to-server XMPP handshake
–rdp Send RDP preamble before starting scan

5) An example for using Sslscan

After fully introducing with Sslscan and its options, you can now use the example below and customize it according to your needs:

sslscan [::1]
Recommended Article: Introducing And How To Install Sqlninja On Kali Linux


Sslscan tool is used to identify weak ssl configuration. This tool can identify and discover weak hashing protocols and algorithms and crime and heartbleed vulnerabilities. In this article, we tried to teach you how to Install Sslscan On Kali Linux.

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

We Are Waiting for your valuable comments and you can be sure that it will be answered in the shortest possible time.

    Leave Your Comment

    Your email address will not be published.

    We are by your side every step of the way

    Think about developing your online business; We will protect it compassionately

    We are by your side every step of the way


    7 days a week, 24 hours a day