testssl.sh 

@[email protected]
400 Followers
45 Following
188 Posts

Fled from the birdsite to a separate account.

Toots mostly in EN about testssl.sh and related stuff.

main web sitehttps://testssl.sh
Githubhttps://testssl.sh/dev
testssl.sh 1h ago
BSI1h ago

**Kurzfristige Maßnahmen erforderlich: Austausch von TLS-Zertifikaten der D-Trust GmbH**

Die D-Trust GmbH tauscht kurzfristig TLS-Website-Zertifikate aus, die zwischen dem 15.03.2025 und dem 02.04.2026, 10:45 Uhr, ausgestellt wurden. Diese Zertifikate verlieren bereits am Montag, 06.04.2026, 17:00 Uhr, ihre Gültigkeit und sind ab diesem Zeitpunkt nicht mehr einsetzbar! [1/x]

testssl.sh 3d ago

Feisty Ducks Newsletter sheds some light onto Merkle Tree Certificates and their complexity.

Also there's some little background information about why Google recently scared us wrt quantum computer break through.

https://www.feistyduck.com/newsletter/issue_135_web_pki_reimagined_with_merkle_tree_certificates

Web PKI Reimagined with Merkle Tree Certificates | Feisty Duck

testssl.sh Mar 27

https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/

2029. You're serious ? If so, why ?

#PQC

Quantum frontiers may be closer than they appear

An overview of how Google is accelerating its timeline for post-quantum cryptography migration.

Google
Show threadtestssl.sh Feb 13

Also, it was time to release a snapshot of the 3.3dev branch which stabilized well enough and has a good set of features to be released.

https://github.com/testssl/testssl.sh/releases/tag/v3.3dev-snapshot-2602

Enjoy && eat the meal while it's hot ;-)

testssl.sh Feb 12

Small version bump: 3.2.3 for the old branch of testssl.sh was just released

https://github.com/testssl/testssl.sh/releases/tag/v3.2.3

Get it while it's hot ;-)

testssl.sh Feb 9

RFC: What should the rating for #STARTTLS be like?

https://github.com/testssl/testssl.sh/issues/2987

testssl.sh Feb 1

https://hackingpassion.com/openssl-12-cves-ai-january-2026/

https://www.lesswrong.com/posts/7aJwgbMEiKq5egQbd/ai-found-12-of-12-openssl-zero-days-while-curl-cancelled-its

AI found 12 of 12 #OpenSSL #CVE's . CVE-2025-15467 is most remarkable

AI Finds 12 OpenSSL Vulnerabilities Including a 27-Year-Old Bug

An AI system discovered 12 CVEs in OpenSSL, including a bug from 1998 that survived 27 years of audits. One HIGH severity with pre-auth RCE potential.

HackingPassion.com : [email protected][~]
testssl.sh Jan 2

RE: https://mastodon.social/@drwetter/115827783533894665

Testssl activities had to wait a bit as the main contributor was busy 😃

testssl.sh Jan 2
Show threadd0rk ✅Jan 2
Forgot those pics... #39c3 #39c3abbauleak
testssl.sh Nov 13

testssl.sh 3.3dev update:
- shellcheck ensures better code quality when check in, thanks to MFTabriz
- flag --rating only does the bare minimum of checks for SSLlabs rating, thanks to magnuslarsen

Both branches had some CA stores update