netsekure rng

random noise generator

TLS Renegotiation Test

The new TLS/SSL man-in-the-middle (MiTM) attack targets the renegotiation part of the protocol. There are two variations of the renegotiation – client initiated and server initiated. This tool allows you to test any web server (input as server:port) for client initiated renegotiation support, as server initiated renegotiation depends on specific server configuration. As currently there is no fix other than disabling renegotiation, this will pretty much tell you whether the server is vulnerable or not to this type of renegotiation attack

Update (2014-09-19): The TLS renegotiation vulnerability is now five years old and should be fixed by most TLS stacks and hopefully all Internet facing servers have been updated. Thus, I have removed my own test for the renegitiation flaw. I would suggest using, which has a much better scanner for the overall configuration of servers.