npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

@ideascol/tls-audit

v0.0.1

Published

Audit your tls configuration

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

jairofg12jairofg12ideascoladminideascoladminandresferandresfer

Keywords

Readme

@ideascol/tls-audit

A comprehensive TLS configuration audit tool for checking the security of your website's SSL/TLS implementation.

Overview

The TLS Audit tool performs in-depth security analysis of a domain's TLS configuration, providing:

  • TLS protocol version detection
  • Cipher suite security assessment
  • Certificate validation and expiration checks
  • Domain name validation against Subject Alternative Names (SAN)
  • Self-signed certificate detection
  • Comprehensive security scoring
  • Detailed vulnerability reporting

Quick Start

# Using npm
npx @ideascol/tls-audit example.com

# Using bun
bunx @ideascol/tls-audit example.com

Installation

# Using npm
npm install -g @ideascol/tls-audit

# Using bun
bun install -g @ideascol/tls-audit

Usage as CLI

# Basic usage
tls-audit example.com

# Specify a custom port (default is 443)
 bun run start target --server="https://www.google.com/"
 bun run start target --server="142.251.215.238"

Usage as Library

import { TslAuditor } from '@ideascol/tls-audit';

// Audit a domain (default port 443)
TslAuditor('example.com') // or IP address
  .then(result => {
    console.log(result.summary);
    
    if (result.issues.length > 0) {
      console.log('Issues found:');
      result.issues.forEach(issue => console.log(issue));
    }
    
    console.log(`Security Score: ${result.securityScore}/100`);
  })
  .catch(err => {
    console.error('Audit failed:', err.message);
  });

// Audit with a custom port
TslAuditor('example.com', 8443)
  .then(result => {
    // Process results
  });

Audit Result Structure

The audit returns a comprehensive result object with the following information:

{
  host: string;              // The audited hostname
  port: number;              // The port used for the TLS connection
  protocol: string | null;   // The TLS protocol version detected
  cipher: {                  // Information about the negotiated cipher
    name: string;            // Cipher name
    version: string;         // TLS version used
    standardName: string;    // Standard name of the cipher
  };
  certificate: {             // Cleaned certificate information
    subject: object;         // Certificate subject fields
    issuer: object;          // Certificate issuer fields
    valid_from: string;      // Certificate validity start date
    valid_to: string;        // Certificate expiration date
    fingerprint: string;     // Certificate fingerprint
    // ... additional certificate details
  };
  isSelfSigned: boolean;     // Whether certificate is self-signed
  isExpired: boolean;        // Whether certificate is expired
  expiresInDays: number;     // Days until certificate expiration
  tlsInsecure: boolean;      // If insecure TLS version is used (1.0/1.1)
  cipherInsecure: boolean;   // If weak cipher is detected
  domainMismatch: boolean;   // If domain doesn't match certificate
  handshakeTimeMs: number;   // TLS handshake time in milliseconds
  issues: string[];          // List of detected security issues
  securityScore: number;     // Overall security score (0-100)
  checklist: {               // Security checklist results
    tlsVersionSecure: boolean;
    cipherSecure: boolean;
    certValid: boolean;
    domainMatches: boolean;
    selfSigned: boolean;
    certExpiringSoon: boolean;
  };
  summary: string;           // Text summary of the audit results
  sanList?: string[];        // List of Subject Alternative Names
  domainMismatchReason?: string; // Details if domain doesn't match
}

Security Checks Performed

The tool evaluates the following security aspects:

  • TLS Protocol Version: Flags TLS 1.0 and 1.1 as insecure
  • Cipher Security: Detects weak ciphers including RC4, 3DES, DES, NULL, MD5, etc.
  • Certificate Validity: Checks if the certificate is expired or expiring soon
  • Domain Validation: Verifies hostname against certificate's Subject Alternative Names
  • Certificate Trust: Detects self-signed certificates
  • Handshake Performance: Measures TLS handshake time

Security Scoring

The security score starts at 100 and deducts points for various issues:

  • Insecure TLS version: -30 points
  • Weak cipher: -25 points
  • Self-signed certificate: -20 points
  • Expired certificate: -30 points
  • Certificate expiring soon: -10 points
  • Domain mismatch: -20 points

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Developed by IdeasCol Digital Security Team - Protecting applications through advanced security tooling.