Home

Welcome to the DeepViolet wiki!

OWASP DeepViolet TLS/SSL Scanner Code Project DeepViolet is a TLS/SSL scanning API written in Java. To keep DeepViolet easy to use, identify bugs, reference implementations have been developed that consume the API. Review the reference implementations if you want to see how to implement DeepViolet in your projects. If you want to see what DeepViolet can do, explore from the command line in your scripts or use the graphical tool from the comfort of your desktop. Both tools can be used to scan HTTPS web servers to check server certificate trust chains, revocation status, check certificates for pending expiration, weak signing algorithms and much more.

How is DeepViolet Helpful? Already great tools exist today for TLS/SSL scanning like, Qualys Labs, Mozilla Observatory, OpenSSL. Why do I care about DeepViolet? A valid question and one I asked myself. Originally, DeepViolet was written as an educational tool. A tool to learn TLS/SSL protocols and some of the issues around recent attack trends better. The goal was not to develop a TLS/SSL scanner and compete with existing powerful tools. However, it turns out there are few choices for easy to use open source Java TLS/SSL scanning APIs. What better way to learn TLS/SSL and provide other scanning projects with a Java friendly API scanning solution - the DeepViolet project was born.