On the Internet, security is taken more and more serious. On the Web for example, HTTP over TLS (usually simply called HTTPS) is used by more than 90% of all Web sites (Google statistics) and will most likely become de-facto standard in the near future. However, secure deployment and operation of TLS is cumbersome and a lot of Web site are hosting insecure installations. Monitors and statistics for TLS parameters and weaknesses are offered by several security organizations and companies, but they include only certain aspects and do not allow further analysis.
The task of this thesis is building a generic security scanner for the most popular Web sites. It shall scan all relevant information (e.g. TLS handshake, vulnerabilities, certificates incl. certificate transparency, DNS entries, etc.) on a regular basis and store these information in a database. Some challenges are completeness of relevant information for unknown future evaluation or extensibility for new vulnerabilities. Further, the data shall be analyzed and presented in a user-friendly manner, and integration to other analysis platforms must be possible.