Parsing Sslscan into CSV
Sslscan is a tool used to enumerate the ciphers supported by HTTPS sites. Knowing the ciphers that are supported by a site is useful in web application testing. This is even more useful in a penetration test if some of the supported ciphers are weak.
How to do it…
This recipe will run Sslscan on a specified IP address and output the results into a CSV format:
import subprocess
import sys
ipfile = sys.argv[1]
IPs = open(ipfile, “r”)
output = open(“sslscan.csv”, “w+”)
for IP in IPs:
try:
command = “sslscan “+IP
ciphers = subprocess.check_output(command.split())
for line in ciphers.splitlines():
if “Accepted” in line:
output.write(IP+”,”+line.split()[1]+”,”+ line.split()[4]+”,”+line.split()[2]+”\r”)
except:
passHow it works…
We first import the necessary modules and assign the filename supplied in the argument to a variable:
import subprocess import sys ipfile = sys.argv[1]
The filename supplied should point to a file containing a...
