← Back to All Scanners
Network & ProtocolHigh Severity

TLS Downgrade Attacks Scanner

Tests for protocol downgrade vulnerabilities (POODLE, DROWN).

Try This Scanner

What is TLS Downgrade Attacks?

TLS Downgrade Attacks exploit server willingness to negotiate weaker protocols or ciphers. Attackers intercept connections and manipulate handshakes to force use of vulnerable protocols (SSLv3, TLS 1.0) or weak ciphers that can be broken. Named attacks include POODLE, DROWN, FREAK, Logjam, and BEAST.

Why is This Important?

Even if a server supports TLS 1.3, supporting legacy protocols for 'compatibility' creates vulnerabilities. Attackers actively downgrade connections to exploit known weaknesses. A single legacy-compatible server can compromise security for all connections from that client due to browser caching of downgrade states.

How It Works

1. Network Discovery

Scans and fingerprints network services, identifying open ports, protocols, and service versions.

2. Protocol Analysis

Tests protocol implementations for misconfigurations, weak encryption, and known vulnerabilities.

3. Infrastructure Assessment

Provides comprehensive network security posture with prioritized remediation recommendations.

Key Capabilities

Enterprise network security assessment covering infrastructure, protocols, and service configurations.

  • Comprehensive port and service discovery
  • Protocol-specific vulnerability checks
  • TLS/SSL configuration analysis
  • Legacy protocol detection and assessment
  • Network segmentation validation

Frequently Asked Questions

How do downgrade attacks work?

Man-in-the-middle attackers modify handshake messages to make server/client believe the other only supports weak protocols. The TLS_FALLBACK_SCSV extension detects this, but requires both sides to support it. Without it, downgrades succeed silently.

What are the major downgrade vulnerabilities?

POODLE: SSLv3 CBC padding oracle. DROWN: SSLv2 enables cross-protocol attack on TLS. FREAK: export-grade RSA weakness. Logjam: weak Diffie-Hellman (512-bit). BEAST: TLS 1.0 CBC IV vulnerability. ROBOT: RSA padding oracle in TLS.

Does disabling old protocols fully protect against downgrades?

Disabling SSLv3, TLS 1.0, and TLS 1.1 removes most downgrade attack surfaces. Also remove weak ciphers (export, DES, RC4) and weak DH parameters. TLS 1.2+ with strong ciphers is resistant to known downgrade attacks.

How do I test for downgrade vulnerabilities?

Use testssl.sh --vulnerable for comprehensive testing, SSL Labs for named vulnerability checks, or manual testing with openssl s_client forcing specific protocols. Check that legacy protocols are completely disabled, not just de-prioritized.

Related Scanners

TCP Port ScanningInfo
Learn more →
UDP Port ScanningInfo
Learn more →
Service FingerprintingInfo
Learn more →
TLS/SSL ConfigurationMedium
Learn more →

Ready to secure your application?

Start testing for tls downgrade attacks vulnerabilities today.

Get Started Free