OtterSSL is a cross-platform desktop application and GUI analysis tool for scanning SSL/TLS servers. It provides an intuitive, easy-to-use interface to inspect server certificates, supported protocols, cipher suites, and common SSL vulnerabilities.
With OtterSSL, you can quickly analyze the security posture of any HTTPS endpoint, view detailed X.509 certificate chains, export certificates to PEM formats, and generate comprehensive JSON reports of your scans.
- Detailed Certificate Inspection: Easily navigate the certificate chain, including Issuer, Subject, Key Sizes, Signature Algorithms, and X.509 extensions (like Subject Alternative Names and Key Usages).
- Protocol & Cipher Suite Analysis: Check support for legacy protocols (SSL 2.0/3.0) up to modern standards (TLS 1.3), along with robust cipher suite mappings.
- Vulnerability Scanning: Test endpoints against known weaknesses such as Heartbleed, ROBOT, and OpenSSL CCS Injection.
- Grading System: SSL scoring logic that assesses overall security configuration.
- Cross-Platform: Built for Linux and Windows, with standalone packaging scripts available for both.
- Export & Import: Save your scan results as standardized JSON reports to review later or share with your team.
OtterSSL can run directly from Python or be packaged into standalone native applications.
You need Python 3.9+ along with the dependencies listed in our requirements.txt.
python -m venv venv
source venv/bin/activate # On Windows: .\venv\Scripts\activate
pip install -r requirements.txt
python main.pyOtterSSL can be packaged as an isolated Flatpak running on the KDE Platform. A convenience script is provided in the packaging/linux directory.
To build the Flatpak bundle:
chmod +x packaging/linux/build_flatpak.sh
./packaging/linux/build_flatpak.shThis will compile the dependencies and generate a be.otterit.OtterSSL.flatpak bundle.
OtterSSL can be compiled into a standalone Windows executable (.exe) via PyInstaller, which is then bundled into an installer using Inno Setup.
To build the setup executable:
- Ensure you have Inno Setup 6 installed on your system.
- Run the PowerShell script:
.\packaging\windows\build_windows.ps1The final installer will be located in the dist/ folder as OtterSSL_Setup.exe. This installer supports silent installation flags, making it perfectly suitable for deployment via Winget.
OtterSSL is built on the shoulders of giants. We want to extend a massive thank you to the maintainers of the two core libraries that make this project possible:
- SSLyze: The powerful, fast, and comprehensive SSL/TLS scanning engine that powers all the network analysis under the hood of OtterSSL.
- Qt / PySide6: The robust, cross-platform GUI framework that allows OtterSSL to provide a native, responsive desktop experience across different operating systems.
This project is licensed under the MIT License - see the LICENSE file for details.