CipherRun

Fast, modular TLS/SSL security scanner and compliance engine built in Rust

Overview

CipherRun is a comprehensive TLS/SSL security scanner written in Rust. It combines protocol and cipher analysis, vulnerability testing, compliance checks, and certificate transparency monitoring in a single high-performance CLI and API-ready engine.

Key Features

Installation

From Source

git clone https://github.com/seifreed/cipherrun.git
cd cipherrun
cargo build --release
./target/release/cipherrun --help

Using Cargo

cargo install cipherrun

Quick Start

# Scan a host
cipherrun example.com

# Scan a URL
cipherrun https://example.com

# Run full vulnerability scan
cipherrun -U example.com

Usage

Common Commands

# Protocol testing
cipherrun -p example.com

# Cipher enumeration
cipherrun -e example.com

# JSON output
cipherrun --json results.json example.com

# HTML report
cipherrun --html report.html example.com

STARTTLS Examples

# SMTP with STARTTLS
cipherrun -t smtp mail.example.com:587

# IMAP with STARTTLS
cipherrun -t imap mail.example.com:143

Output Formats

Terminal, JSON, CSV, HTML, XML

Architecture (High Level)

• Scanner Engine: Async Tokio-based probes
• Protocols: SSLv2 → TLS 1.3
• Vuln Suite: 18+ checks
• Fingerprinting: JA3/JA3S/JARM
• Compliance: 7 frameworks
• Database: SQL migrations + analytics

Contributing

Contributions are welcome:

1. Fork the repository
2. Create a feature branch (git checkout -b feature/amazing-feature)
3. Commit your changes (git commit -m 'Add amazing feature')
4. Push to the branch (git push origin feature/amazing-feature)
5. Open a Pull Request

Support the Project

If you find CipherRun useful, consider supporting its development:

License

This project is licensed under GPL-3.0 - see the LICENSE file for details.

Attribution Required:

• Author: Marc Rivero | @seifreed
• Repository: github.com/seifreed/cipherrun

_{Made with dedication for the security community}