Created
February 2, 2022 11:41
-
-
Save Laim/75aa86fa17f5db539b1ad7e1e59cbf1c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
.NOTES | |
Version : 1.0 | |
Author : Laim McKenzie | |
Creation Date : 17.05.2021 | |
Purpose : Automation of SSLLabs SSLtests. | |
Credits : Modified version of script by /u/tramperdk | |
#> | |
$dns_list = "C:\Dev\ssl_labs\dns_list.txt"; | |
$output_file = "C:\Dev\ssl_labs\output\output.txt"; | |
$date = Get-Date; | |
$DateStr = '{0:dd-MM-yyyy HH:mm:ss}' -f $date; | |
## Available Parameters | |
## Mandatory: $URL | |
## Optional: $Force - Forces a new scan | |
## Optional: $Output - Outputs the data to a file | |
function Get-SSLLabsGrade { | |
[CmdletBinding()] | |
param ( | |
# URL to scan with https://www.ssllabs.com/ssltest/ | |
[Parameter(Mandatory=$true)] | |
[string]$URL, | |
# Force parameter to force fresh result | |
[Parameter(Mandatory = $false)] | |
[switch]$Force = $false#, | |
# Write output to file | |
##[Parameter(Mandatory = $false)] | |
##[switch]$ouputFile = $false | |
) | |
begin { | |
if ($Force) { | |
# Overview of api parameters used to fetch fresh results or cached. | |
# API url and more information can be found at https://github.com/ssllabs/ssllabs-scan/blob/master/ssllabs-api-docs-v3.md | |
$Webrequest = Invoke-WebRequest -Uri "https://api.ssllabs.com/api/v3/analyze?host=$URL&startNew=on&all=on" -ErrorAction SilentlyContinue | |
} | |
else { | |
# PARAMETERNAME DESCRIPTION | |
# maxAge maximum report age, in hours, if retrieving from cache (fromCache parameter set). | |
$Webrequest = Invoke-WebRequest -Uri "https://api.ssllabs.com/api/v3/analyze?host=$URL&fromCache=on&maxAge=24&all=on" -ErrorAction SilentlyContinue | |
} | |
# Print information about usage if this call is verbose. | |
Write-Verbose "This is scan $($Webrequest.Headers."X-Current-Assessments" +1) out of $($Webrequest.Headers."X-Max-Assessments") available" | |
$JsonResult = $Webrequest | ConvertFrom-Json | |
} | |
process { | |
try { | |
# If the status isn't ready, then the test is still ongoing. | |
while ((-Not($JsonResult.status -eq "Ready") )) { | |
# Print current url, progress and state | |
if ($($JsonResult.endpoints.progress) -gt 0) { | |
Write-Host "`rScanning $URL, PROGRESS: $($JsonResult.endpoints.progress)% - STATE: $($JsonResult.status)" ##-NoNewline | |
} | |
else { | |
Write-Host "`rScanning $URL, PROGRESS: 0% - STATE: $($JsonResult.status)" ##-NoNewline | |
} | |
# Wait another 15 seconds before we check again. | |
Start-Sleep -seconds 15 | |
# Refresh results | |
$JsonResult = Invoke-WebRequest -Uri "https://api.ssllabs.com/api/v3/analyze?host=$URL&all=on" -ErrorAction SilentlyContinue | ConvertFrom-Json | |
} | |
# Write final scanning message | |
Write-Host "`rScanning $URL, PROGRESS: $($JsonResult.endpoints.progress)% - STATE: $($JsonResult.status) " -NoNewline | |
} | |
catch { | |
# Something went wrong. | |
"Error scanning $URL : $($_.Exception.Message)" | |
} | |
} | |
end { | |
# Statuspage with latest results (this one includes remarks, which is why we create another call). | |
$webresults = Invoke-WebRequest -Uri "https://www.ssllabs.com/ssltest/analyze.html?d=$URL&latest" | |
try { | |
# Remarks are tagged with HTML div tags and a class of "warningBox, errorBox etc.", we're only intrested in messages that affects our Grade. | |
# Also we're cleaning up the strings a bit. | |
$Remarks = (($webresults.AllElements | Where-Object {($_.TagName -eq "div") -and ($_.outerText -like "*Grade*") -and ($_.class -like "*Box")}) | ForEach-Object {" $(($_.class).SubString(0,$_.class.Length -3)): $($_.outerText) " }).Replace("MORE INFO »","").Trim() | |
} | |
catch { | |
# If we encounter errors or encounter a null exception, we're not going to display any remarks. | |
$Remarks = "" | |
} | |
# Print results. | |
"" | |
"" | |
switch ($($JsonResult.endpoints.grade)) { | |
# Grades taken from https://community.qualys.com/docs/DOC-6321-ssl-labs-grading-2018 | |
"A+" { $GradeColor = [System.ConsoleColor]::Green } | |
"A" { $GradeColor = [System.ConsoleColor]::DarkGreen } | |
"B" { $GradeColor = [System.ConsoleColor]::Yellow } | |
"C" { $GradeColor = [System.ConsoleColor]::DarkYellow } | |
"D" { $GradeColor = [System.ConsoleColor]::Red } | |
"F" { $GradeColor = [System.ConsoleColor]::DarkRed } | |
Default { $GradeColor = [System.ConsoleColor]::Blue } | |
} | |
## The output of the score | |
$output = "$URL scored [$($JsonResult.endpoints.grade)] on SSLLabs scan @ $DateStr" | |
## Output the score onto the ISE | |
Write-Host $output -ForegroundColor $GradeColor | |
## If we want to write the output to a file, do it here | |
##if($ouputFile) { | |
Add-Content $output_file "$output" | |
##} | |
"" | |
##if ($Remarks.Count -gt 0) { | |
## $Remarks.Replace(": ",": `t") | |
##} | |
} | |
} | |
## Loop through each entry in the dns list | |
$reader = [System.IO.File]::OpenText($dns_list) | |
while($null -ne ($dns = $reader.ReadLine())) { | |
Get-SSLLabsGrade($dns) -Force; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment