SKILL

Performing Ssl Tls Security Assessment

Assess SSL/TLS server configurations using the sslyze Python library to evaluate cipher suites, certificate chains, protocol versions, HSTS headers, and known vulnerabilities like Heartbleed and ROBOT.

Published by @mukul975·0 agent reads / 30d·0 saves·

Performing SSL/TLS Security Assessment

Overview

Assess SSL/TLS server configurations using sslyze, a fast Python-based scanning library. This skill covers evaluating supported protocol versions (SSLv2/3, TLS 1.0-1.3), cipher suite strength, certificate chain validation, HSTS enforcement, OCSP stapling, and scanning for known vulnerabilities including Heartbleed, ROBOT, and session renegotiation weaknesses.

When to Use

  • When conducting security assessments that involve performing ssl tls security assessment
  • When following incident response procedures for related security events
  • When performing scheduled security testing or auditing activities
  • When validating security controls through hands-on testing

Prerequisites

  • Python 3.9+ with sslyze library (pip install sslyze)
  • Network access to target HTTPS servers on port 443
  • Understanding of TLS protocol versions and cipher suite classifications

Steps

Step 1: Configure Server Scan

Create ServerScanRequest with ServerNetworkLocation specifying target hostname and port.

Step 2: Execute TLS Scan

Use sslyze Scanner to queue and execute scans for all TLS check commands concurrently.

Step 3: Analyze Results

Evaluate accepted cipher suites, certificate validity, protocol versions, and vulnerability scan results.

Step 4: Generate Security Report

Produce a JSON report with compliance findings and remediation recommendations.

Expected Output

JSON report with supported protocols, accepted cipher suites, certificate details, vulnerability results (Heartbleed, ROBOT), and HSTS status.

Bundled with this artifact

5 files

Reference files that ship alongside this artifact. Agents pull these in only when the task needs them.

More on the bench

SKILL0

Google Cloud Waf Security

Generates security-focused guidance for Google Cloud workloads based on the design principles and recommendations in the Google Cloud Well-Architected Framework (WAF). Use this skill to evaluate a workload, identify security requirements, and provide actionable recommendations for IAM, network security, data protection, and operational security.

google
software-engineering+2
0
SKILL0

Google Cloud Networking Observability

Investigates Google Cloud networking issues by analyzing logs, metrics, and diagnostics. Use when investigating VPC Flow Logs (including cost estimation), NAT, firewall, or threat logs, querying latency and throughput metrics, or running Connectivity Tests for path diagnostics. Don't use for generic VM management or non-observability tasks.

google
software-engineering+2
0
SKILL0

Infra As Code Review

Write an infrastructure-as-code review checklist and conduct a structured review of Terraform, CloudFormation, Pulumi, or Ansible code. Use when asked to review IaC code, audit infrastructure configurations, check cloud security posture, or produce a reusable IaC review checklist. Produces a structured review report with severity-categorized findings, remediation guidance, and a reusable checklist.

Mohit Aggarwal
software-engineering+2
0