1 2Full contribution, see git log. 3 4* Dirk Wetter (creator, maintainer and main contributor) 5 - Everything what's not mentioned below and is included in testssl.sh's git log 6 minus what I probably forgot to mention 7 (too much other things to do at the moment and to list it would be a tough job) 8 9* David Cooper (main contributor) 10 - Major extensions to socket support for all protocols 11 - extended parsing of TLS ServerHello messages 12 - TLS 1.3 support (final and pre-final) 13 - add several TLS extensions 14 - Detection + output of multiple certificates 15 - several cleanups of server certificate related stuff 16 - testssl.sh -e/-E: testing with a mixture of openssl + sockets 17 - add more ciphers 18 - coloring of ciphers 19 - extensive CN+SAN <--> hostname check 20 - separate check for curves 21 - RFC 7919, key shares extension 22 - keyUsage extension in certificate 23 - experimental "eTLS" detection 24 - parallel mass testing! 25 - RFC <--> OpenSSL cipher name space switches for the command line 26 - better error msg suppression (not fully installed openssl 27 - GREASE support 28 - Bleichenbacher / ROBOT vulnerability test 29 - several protocol preferences improvements 30 - pwnedkeys.com support 31 - CT support 32 - Lots of fixes and improvements 33 34##### Further credits (in alphabetical order) 35 36* a666 37 - Bugfix 38 39* Christoph Badura 40 - NetBSD fixes 41 42* Frank Breedijk 43 - Detection of insecure redirects 44 - JSON and CSV output 45 - CA pinning 46 - Client simulations 47 - CI integration, some test cases for it 48 49 * Steven Danneman 50 - Postgres and MySQL STARTTLS support 51 - MongoDB support 52 53* Christian Dresen 54 - Dockerfile 55 56* csett86 57 - some MacOSX and Java client handshake data 58 59* Mark Felder 60 - lots of cleanups 61 - Shellcheck static analysis 62 63* Laine Gholson 64 - avahi/mDNS support 65 - HTTP2/ALPN 66 - bugfixes 67 - former ARM binary support 68 69* Maciej Grela 70 - colorless handling 71 72* Jac2NL 73 - initial support for skipping offensive vulnerability tests 74 75* Scott Johnson 76 - Bugfix F5 77 78* Hubert Kario 79 - helped with avoiding accidental TCP fragmentation 80 81* Jacco de Leeuw 82 - skip checks which might trigger an IDS ($OFFENSIVE / --ids-friendly) 83 84* Manuel 85 - HTTP basic auth 86 87* Markus Manzke 88 - Fix for HSTS + subdomains 89 - LibreSSL patch 90 91* Jean Marsault 92 - client auth: ideas, code snipplets 93 94* Thomas Martens 95 - adding colorblind option 96 - no-rfc mapping 97 98* Peter Mosmans 99 - started way better cmd line parsing 100 - cleanups, fixes 101 - openssl sources support with the "missing" features 102 103* John Newbigin 104 - Proxy support (sockets and openssl) 105 106* Oleksandr Nosenko 107 - non-flat JSON support (--json-pretty) 108 - in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level 109 110* Jonathan Roach 111 - TLS_FALLBACK_SCSV checks 112 113* Jonathon Rossi 114 - fix for bash3 (Darwin) 115 - and other Darwin fixes 116 117* Дилян Палаузов 118 - bug fix for 3des report 119 - reported a tricky STARTTLS bug 120 121* Thomas Patzke: 122 - Support of supplying timeout value for openssl connect 123 124* Olivier Paroz 125 - conversion xxd --> hexdump stuff 126 127* Jeroen Wiert Pluimers 128 - Darwin binaries support 129 130* Joao Poupino 131 - Minimize false positive detection for Renegotiation checks against Node.js etc. 132 133* Rechi 134 - initial MX stuff 135 - fixes 136 137* Gonçalo Ribeiro 138 - --connect-timeout 139 140* Dmitri S 141 - inspiration & help for Darwin port 142 143* Marcin Szychowski 144 - Quick'n'dirty client certificate support 145 146* Viktor Szépe 147 - color function maker 148 149* Julien Vehent 150 - supplied 1st Darwin binary 151 152* Thomas Ward 153 - add initial IDN support 154 155* @typingArtist 156 - improved BEAST detection 157 158* @f-s 159 - ARM binary support 160 161* @nvsofts (NV) 162 - LibreSSL patch for GOST 163 164Probably more I forgot to mention which did give me feedback, bug reports and helped one way or another. 165 166 167##### Last but not least: 168 169* OpenSSL team for providing openssl. 170 171* Ivan Ristic/Qualys for the liberal license which made it possible to make partly use of the client data 172 173* My family for supporting me doing this work 174 175