Comment by BoppreH
13 hours ago
I needed to perform scans internally, and testssl.sh was too slow (minimum 20 seconds with parallelization and all optional scans disabled). So I made my own scanner, for a 60-100x speedup: https://github.com/boppreh/hello_tls . It doesn't do vulnerability assessment, but I was more interested in extracting the configuration.
Why is 20 s too slow? How often do you run it?
We also use it at my work, where it's used both for mass scans of internal hosts, and scanning the same host many times during incidents/configuration changes.
And the 20s is extra annoying because it's completely unnecessary. The tool is so slow because it's thousands of lines of pure bash, manipulating individual bytes. And because it's bash, it also breaks in confusing ways when you look at it wrong[1].
[1] https://github.com/testssl/testssl.sh/pull/2429