MASTG-TOOL-0143: badssl
badssl.com is a website maintained by the Chromium project that provides various SSL/TLS certificate configurations for testing security implementations. It offers a comprehensive collection of test subdomains with different certificate issues and configurations to help developers and security testers validate how applications handle SSL/TLS certificate validation.
The tool provides test cases for common SSL/TLS vulnerabilities and misconfigurations, including:
- Self-signed certificates (self-signed.badssl.com)
- Expired certificates (expired.badssl.com)
- Wrong hostname certificates (wrong.host.badssl.com)
- Untrusted root certificates (untrusted-root.badssl.com)
- Mixed content scenarios (mixed.badssl.com)
- Weak cipher suites (rc4.badssl.com, dh512.badssl.com)
- HSTS testing (hsts.badssl.com)
- Certificate transparency issues (no-sct.badssl.com)
This makes badssl.com particularly useful for testing the SSL/TLS certificate validation logic of mobile applications and ensuring that they properly reject invalid certificates and handle various security scenarios correctly.
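The following added example (not part of the original page or of badssl itself) turns the four invalid-certificate hosts listed above into a reject-expected check, using Python's default `ssl` context as a stand-in for the client under test. The names `MUST_REJECT`, `default_probe`, `audit` and `accepted` are hypothetical; connection errors are reported as inconclusive rather than counted as a pass.

```python
import socket
import ssl

# Hosts from the list above whose certificates a correct client must refuse.
MUST_REJECT = (
    "self-signed.badssl.com",
    "expired.badssl.com",
    "wrong.host.badssl.com",
    "untrusted-root.badssl.com",
)


def default_probe(host, port=443, timeout=10):
    """Attempt a TLS handshake using the system trust store and hostname checks."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host):
            pass  # handshake completed: the certificate was accepted


def audit(hosts=MUST_REJECT, probe=default_probe):
    """Map each host to 'rejected: ...', 'ACCEPTED' or 'inconclusive: ...'."""
    results = {}
    for host in hosts:
        try:
            probe(host)
        except ssl.SSLCertVerificationError as exc:
            # Only a verification error proves the certificate was checked.
            reason = getattr(exc, "verify_message", None) or str(exc)
            results[host] = f"rejected: {reason}"
        except OSError as exc:
            # DNS, timeout, reset or protocol errors say nothing about validation.
            results[host] = f"inconclusive: {type(exc).__name__}"
        else:
            results[host] = "ACCEPTED"
    return results


def accepted(results):
    """Hosts whose invalid certificate the client trusted (validation failures)."""
    return sorted(h for h, verdict in results.items() if verdict == "ACCEPTED")


if __name__ == "__main__":
    report = audit()
    for host, verdict in report.items():
        print(f"{host:28} {verdict}")
    raise SystemExit(1 if accepted(report) else 0)
```

Passing a different `probe` callable lets the same matrix drive another TLS client; any host returned by `accepted` indicates that client trusted a certificate it should have refused.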