1. Change the date format from d/m/Y to Y-m-d (e.g. 2004-08-28)
2. In the return/output of ssl_certificate_scan in SSL library please add certificate "subject" and "issuer" so these could be logged
3. Rename ssl_version module to ssl_weak_version
4. Change ssl_expired_certificate module to return expired certs only ( do not count expiring_soon certs - it is not a vulnerability!)
5. Create a separate ssl_expiring_certificate module in modules/scan (remember 'expiring soon' is not a vulnerability, so we need to make this a 'scan' module)
6. Rename ssl_signed_certificate module to ssl_certificate_weak_signature and remove the self-signed check from it
7. Create a separate ssl_self_signed_certificate module in modules/vuln
Next in nettacker/core/lib/ssl.py
in class SslLibrary(BaseLibrary): you have ssl_certificate_scan and ssl_version_and_cipher_scan methods.
There is a common code in these two methods so these could be refactored to remove the repetition. Please refactor/improve this.
In ssl_version_and_cipher_scan also please add add to the output /return certificate "subject" ,"issuer" and an expiry date.
This way if a user scans they network using IP addresses and some servers will come up with weak SSL versions/ciphers it will be easier for user to identify the servers using the certificate subject/issuer
Captain-T2004
Arkadii Yakovets