What is Siteciphers?

Siteciphers is a command-line utility written in Bash designed to help developers and security professionals quickly check the available SSL/TLS ciphers for any given HTTPS website. Understanding the ciphers supported by a server is crucial for assessing its security posture and ensuring compatibility with various clients.

How Siteciphers Works

This tool leverages standard network tools to connect to an HTTPS endpoint and enumerate the cipher suites it offers. It provides a clear and concise output, making it easy to identify potential security weaknesses or outdated configurations. The script is designed for ease of use, allowing you to specify the target domain and optionally adjust the delay between requests.

Key Features and Usage

Siteciphers offers a straightforward way to perform SSL cipher analysis. Here are some common use cases:

Checking Available SSL Ciphers

To determine the available SSL ciphers for an HTTPS website, simply run the command followed by the domain name:

siteciphers github.com

Adjusting Request Delay

For more controlled scanning or to avoid overwhelming a server, you can set a custom delay between requests. The default delay is 1 second. To set a delay of 0.75 seconds, use the -d flag:

siteciphers -d 0.75 travis-ci.org

Why Check SSL Ciphers?

Regularly checking your website's SSL ciphers is a vital part of maintaining robust security. Weak or outdated cipher suites can expose your site and its users to various security threats, including man-in-the-middle attacks. Siteciphers helps you identify these vulnerabilities so you can take corrective actions, such as reconfiguring your web server to prioritize stronger, more modern encryption protocols.

Further Resources

• MDN: Introduction to Security and HTTPS
• RFC 8446: The Transport Layer Security (TLS) Protocol Version 1.3
• OWASP: TLS Cipher Suites