Weak SSL/TLS Ciphers (Insufficient Transport Layer Protection)

SSL certificates, SSLscan, Nmap NSE

Vulnerability description for reporting available in VulnDB (GitHub)

Testing

SSL Configuration and validation of certificates

Use SSLscan.

Nmap NSE

ls -la /usr/share/nmap/scripts/ssl*
-rw-r--r-- 1 root root 10112 Jan  9 23:24 /usr/share/nmap/scripts/ssl-ccs-injection.nse
-rw-r--r-- 1 root root  3900 Jan  9 23:24 /usr/share/nmap/scripts/ssl-cert-intaddr.nse
-rw-r--r-- 1 root root 10347 Jan  9 23:24 /usr/share/nmap/scripts/ssl-cert.nse
-rw-r--r-- 1 root root  6807 Jan  9 23:24 /usr/share/nmap/scripts/ssl-date.nse
-rw-r--r-- 1 root root 39897 Jan  9 23:24 /usr/share/nmap/scripts/ssl-dh-params.nse
-rw-r--r-- 1 root root 39964 Jan  9 23:24 /usr/share/nmap/scripts/ssl-enum-ciphers.nse
-rw-r--r-- 1 root root  7768 Jan  9 23:24 /usr/share/nmap/scripts/ssl-heartbleed.nse
-rw-r--r-- 1 root root  4331 Jan  9 23:24 /usr/share/nmap/scripts/ssl-known-key.nse
-rw-r--r-- 1 root root 11201 Jan  9 23:24 /usr/share/nmap/scripts/ssl-poodle.nse
-rw-r--r-- 1 root root 11249 Jan  9 23:24 /usr/share/nmap/scripts/sslv2-drown.nse
-rw-r--r-- 1 root root  1575 Jan  9 23:24 /usr/share/nmap/scripts/sslv2.nse
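
# Enumerate the protocol versions and cipher suites offered on port 443
IP=x.x.x.x
nmap -sV --script ssl-enum-ciphers -p 443 "$IP"

# If the output is too long for a screenshot, keep only the protocol version lines
nmap -sV --script ssl-enum-ciphers -p 443 "$IP" | grep -E "SSLv|TLSv"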
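
Filtering on protocol names alone hides the per-cipher grades and warnings that a report finding needs. The following is an added example, not part of the original notes: a shell function that condenses ssl-enum-ciphers output into one finding per line. The names tls_findings and sample_scan, the finding labels, and the "anything graded below A is weak" policy are assumptions of this example, and the sample scan is constructed.

```bash
# Added example: turn ssl-enum-ciphers output (stdin) into one finding per line.
# Assumed policy: SSLv*, TLSv1.0 and TLSv1.1 are deprecated; grades below A are weak.
tls_findings() {
  awk '
    { line = $0
      sub(/^[|]_?[ \t]*/, "", line)      # drop the NSE output tree prefix
      sub(/[ \t\r]+$/, "", line) }       # drop trailing whitespace
    line ~ /^least strength: / {
      print "LEAST_STRENGTH " substr(line, 17); section = ""; next }
    line ~ /^(SSLv|TLSv)[0-9.]+:$/ {     # protocol header, e.g. "TLSv1.0:"
      proto = substr(line, 1, length(line) - 1); section = ""
      if (proto ~ /^SSLv/ || proto == "TLSv1.0" || proto == "TLSv1.1")
        print "DEPRECATED_PROTOCOL " proto
      next }
    line ~ /^(ciphers|compressors|cipher preference|warnings):/ {
      section = line; sub(/:.*/, "", section); next }
    section == "ciphers" && line ~ / - [A-F]$/ {
      split(line, f, " ")                # f[1] is the cipher suite name
      grade = substr(line, length(line))
      if (grade != "A") print "WEAK_CIPHER " proto " " f[1] " grade=" grade
      next }
    section == "warnings" && line != "" { print "WARNING " proto " " line }
  '
}

# Constructed sample in the ssl-enum-ciphers output layout (not a real scan).
sample_scan() {
  cat <<'EOF'
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|     cipher preference: server
|_  least strength: C
EOF
}

sample_scan | tls_findings
```

Against a host in scope, pipe the scan command from these notes into tls_findings instead of the sample.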

If exposed on the internet

Qualys SSL Labs - Test strength of SSL Certificates
https://www.ssllabs.com/ssltest/

Mozilla Observatory - SSL Certificates / Response Headers
https://observatory.mozilla.org/

Mixed Active Content (HTTP + HTTPS)

Mixed Active Content occurs when active resources (such as scripts or CSS) are loaded over unencrypted HTTP and included in a secure (HTTPS) page.