This extension enables Burp to scan for SSL vulnerabilities.

Most of the testing logic are from testssl.sh. Heartbleed test and CCS Injection test code are modified from a2sv.

Vulnerabilities:

• SSLv2 and SSLv3 connectivity
• Heartbleed
• CCS Injection
• TLS_FALLBACK_SCSV support
• POODLE (SSLv3)
• Sweet32
• DROWN
• FREAK
• LUCKY13
• CRIME (TLS Compression)
• BEAST
• Check for weak ciphers
• BREACH
• Logjam