# How to install SSLyze on Parrot OS

Check which protocols and ciphers the server supports by using SSLyze.
Installation is straightforward: https://github.com/nabla-c0d3/sslyze

## The Setup

- Parrot OS 5.0 (Electro Ara)
- SSLyze version 5.0.6

## Installation

1. `pip install --upgrade pip setuptools wheel`
![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1666183569357/GNSDHo4FV.png align="left")

2. `pip install --upgrade sslyze`
![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1666186548498/3bXEARz6u.png align="left")

3. `python3 -m sslyze <target>`
By default it will check results against Mozilla's "intermediate" configuration. See https://ssl-config.mozilla.org/ for more details.

An excerpt of the scan results:
```
- FAILED - Not compliant.
* maximum_certificate_lifespan: Certificate life span is 396 days, should be less than 366.
* tls_versions: TLS versions {'TLSv1.1', 'TLSv1'} are supported, but should be rejected.
* ciphers: Cipher suites {'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256', 'TLS_RSA_WITH_AES_256_CBC_SHA', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA', 'TLS_RSA_WITH_AES_128_GCM_SHA256', 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA', 'TLS_RSA_WITH_3DES_EDE_CBC_SHA', 'TLS_RSA_WITH_AES_128_CBC_SHA', 'TLS_RSA_WITH_AES_256_GCM_SHA384', 'TLS_RSA_WITH_AES_128_CBC_SHA256', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384', 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA', 'TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'} are supported, but should be rejected.
```
![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1666183889259/TT0W8qHWl.png align="left")

## Check the version

Parrot OS: `cat /etc/os-release`

![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1666186642491/ZV4Q74doC.png align="left")

SSLyze: `sslyze --help`

![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1666183546208/TQUzmpff1.png align="left")

