Intro
------
I wrote this as a POC back in 2009 after an illuminating discussion with Roy Hills (NTA Monitor) relating to SSL. The discussion went something like this: "It would be great to code up a faster SSL cipher enumeration tool that didn't rely on OpenSSL and only performed the initial SSL HELLO request." The key advantages here are speed, by not requiring a full SSL handshake, and the ability to discover proprietary ciphers not supported by OpenSSL.

Although I've made a couple of recent changes, this code is the result of a few late nights back in 2009 and should be considered ALPHA :)

Installation
------------
$ make

Usage
-----
$ usage: ./ssl-enum -s hostname/ip (opt: -p 8443 -f otherciphers,-v[1-5],-k)
	-s hostname or IP address of target.
	-v1 
		Increase level of verbosity (v1 - v5).
	-f filename
		Allows alternate ciphers file. The default is cipher-list.txt.
   	-k ends scan early if non-standard responses.
        	Some SSL/TLS services don't respond with SSL errors so we assume its
        	an UNSUPPORTED cipher. To complicate matters further, some Apache &
		IIS configurations will allow weak SSL connections but don't allow
		access at the application layer. This lets the web server produce a
		"pretty" error message but breaks SSL scanning. More work needed here.