Laim/SSLlabs-powershellscan.ps1

## SSLlabs-powershellscan.ps1
<#
.NOTES
    Version         : 1.0
    Author          : Laim McKenzie
    Creation Date   : 17.05.2021
    Purpose         : Automation of SSLLabs SSLtests.
    Credits         : Modified version of script by /u/tramperdk
#>


$dns_list = "C:\Dev\ssl_labs\dns_list.txt";
$output_file = "C:\Dev\ssl_labs\output\output.txt";

$date = Get-Date;
$DateStr = '{0:dd-MM-yyyy HH:mm:ss}' -f $date;

## Available Parameters
## Mandatory: $URL
## Optional: $Force - Forces a new scan
## Optional: $Output - Outputs the data to a file

function Get-SSLLabsGrade {
    [CmdletBinding()]
    param (
        # URL to scan with https://www.ssllabs.com/ssltest/
        [Parameter(Mandatory=$true)]
        [string]$URL,

        # Force parameter to force fresh result
        [Parameter(Mandatory = $false)]
        [switch]$Force = $false#,

        # Write output to file
        ##[Parameter(Mandatory = $false)]
        ##[switch]$ouputFile = $false
    )
    begin {
        if ($Force) {
            # Overview of api parameters used to fetch fresh results or cached.
            # API url and more information can be found at https://github.com/ssllabs/ssllabs-scan/blob/master/ssllabs-api-docs-v3.md
            $Webrequest = Invoke-WebRequest -Uri "https://api.ssllabs.com/api/v3/analyze?host=$URL&startNew=on&all=on" -ErrorAction SilentlyContinue
        }
        else {
            # PARAMETERNAME DESCRIPTION
            # maxAge        maximum report age, in hours, if retrieving from cache (fromCache parameter set).
            $Webrequest = Invoke-WebRequest -Uri "https://api.ssllabs.com/api/v3/analyze?host=$URL&fromCache=on&maxAge=24&all=on" -ErrorAction SilentlyContinue
        }
        # Print information about usage if this call is verbose.
        Write-Verbose "This is scan $($Webrequest.Headers."X-Current-Assessments" +1) out of $($Webrequest.Headers."X-Max-Assessments") available"
        $JsonResult = $Webrequest | ConvertFrom-Json
    }
    process {
        try {
            # If the status isn't ready, then the test is still ongoing.
            while ((-Not($JsonResult.status -eq "Ready") )) {
                # Print current url, progress and state
                if ($($JsonResult.endpoints.progress) -gt 0) {
                    Write-Host "`rScanning $URL, PROGRESS: $($JsonResult.endpoints.progress)% - STATE: $($JsonResult.status)" ##-NoNewline
                }
                else {
                    Write-Host "`rScanning $URL, PROGRESS: 0% - STATE: $($JsonResult.status)" ##-NoNewline
                }
                # Wait another 15 seconds before we check again.
                Start-Sleep -seconds 15
                # Refresh results
                $JsonResult = Invoke-WebRequest -Uri "https://api.ssllabs.com/api/v3/analyze?host=$URL&all=on" -ErrorAction SilentlyContinue | ConvertFrom-Json
            }
            # Write final scanning message
            Write-Host "`rScanning $URL, PROGRESS: $($JsonResult.endpoints.progress)% - STATE: $($JsonResult.status)        " -NoNewline
        }
        catch {
            # Something went wrong.
            "Error scanning $URL : $($_.Exception.Message)"
        }
    }
    end {
        # Statuspage with latest results (this one includes remarks, which is why we create another call).
        $webresults = Invoke-WebRequest -Uri "https://www.ssllabs.com/ssltest/analyze.html?d=$URL&latest"
        try {
            # Remarks are tagged with HTML div tags and a class of "warningBox, errorBox etc.", we're only intrested in messages that affects our Grade.
            # Also we're cleaning up the strings a bit.
            $Remarks = (($webresults.AllElements | Where-Object {($_.TagName -eq "div") -and ($_.outerText -like "*Grade*") -and ($_.class -like "*Box")}) | ForEach-Object {" $(($_.class).SubString(0,$_.class.Length -3)): $($_.outerText) " }).Replace("MORE INFO »","").Trim()
        }
        catch {
            # If we encounter errors or encounter a null exception, we're not going to display any remarks.
            $Remarks = ""
        }
        # Print results.
        ""
        ""
        switch ($($JsonResult.endpoints.grade)) {
            # Grades taken from https://community.qualys.com/docs/DOC-6321-ssl-labs-grading-2018
            "A+"    { $GradeColor = [System.ConsoleColor]::Green }
            "A"     { $GradeColor = [System.ConsoleColor]::DarkGreen }
            "B"     { $GradeColor = [System.ConsoleColor]::Yellow }
            "C"     { $GradeColor = [System.ConsoleColor]::DarkYellow }
            "D"     { $GradeColor = [System.ConsoleColor]::Red }
            "F"     { $GradeColor = [System.ConsoleColor]::DarkRed }
            Default { $GradeColor = [System.ConsoleColor]::Blue }
        }
        ## The output of the score
        $output = "$URL scored [$($JsonResult.endpoints.grade)] on SSLLabs scan @ $DateStr"

        ## Output the score onto the ISE
        Write-Host $output -ForegroundColor $GradeColor

        ## If we want to write the output to a file, do it here
        ##if($ouputFile) {
            Add-Content $output_file  "$output"
        ##}

        ""
       ##if ($Remarks.Count -gt 0) {
       ##     $Remarks.Replace(": ",":  `t")
       ##}
    }
}


## Loop through each entry in the dns list

$reader = [System.IO.File]::OpenText($dns_list)

while($null -ne ($dns = $reader.ReadLine())) {

    Get-SSLLabsGrade($dns) -Force;

}
	<#
	.NOTES
	Version : 1.0
	Author : Laim McKenzie
	Creation Date : 17.05.2021
	Purpose : Automation of SSLLabs SSLtests.
	Credits : Modified version of script by /u/tramperdk
	#>


	$dns_list = "C:\Dev\ssl_labs\dns_list.txt";
	$output_file = "C:\Dev\ssl_labs\output\output.txt";

	$date = Get-Date;
	$DateStr = '{0:dd-MM-yyyy HH:mm:ss}' -f $date;

	## Available Parameters
	## Mandatory: $URL
	## Optional: $Force - Forces a new scan
	## Optional: $Output - Outputs the data to a file

	function Get-SSLLabsGrade {
	[CmdletBinding()]
	param (
	# URL to scan with https://www.ssllabs.com/ssltest/
	[Parameter(Mandatory=$true)]
	[string]$URL,

	# Force parameter to force fresh result
	[Parameter(Mandatory = $false)]
	[switch]$Force = $false#,

	# Write output to file
	##[Parameter(Mandatory = $false)]
	##[switch]$ouputFile = $false
	)
	begin {
	if ($Force) {
	# Overview of api parameters used to fetch fresh results or cached.
	# API url and more information can be found at https://github.com/ssllabs/ssllabs-scan/blob/master/ssllabs-api-docs-v3.md
	$Webrequest = Invoke-WebRequest -Uri "https://api.ssllabs.com/api/v3/analyze?host=$URL&startNew=on&all=on" -ErrorAction SilentlyContinue
	}
	else {
	# PARAMETERNAME DESCRIPTION
	# maxAge maximum report age, in hours, if retrieving from cache (fromCache parameter set).
	$Webrequest = Invoke-WebRequest -Uri "https://api.ssllabs.com/api/v3/analyze?host=$URL&fromCache=on&maxAge=24&all=on" -ErrorAction SilentlyContinue
	}
	# Print information about usage if this call is verbose.
	Write-Verbose "This is scan $($Webrequest.Headers."X-Current-Assessments" +1) out of $($Webrequest.Headers."X-Max-Assessments") available"
	$JsonResult = $Webrequest \| ConvertFrom-Json
	}
	process {
	try {
	# If the status isn't ready, then the test is still ongoing.
	while ((-Not($JsonResult.status -eq "Ready") )) {
	# Print current url, progress and state
	if ($($JsonResult.endpoints.progress) -gt 0) {
	Write-Host "`rScanning $URL, PROGRESS: $($JsonResult.endpoints.progress)% - STATE: $($JsonResult.status)" ##-NoNewline
	}
	else {
	Write-Host "`rScanning $URL, PROGRESS: 0% - STATE: $($JsonResult.status)" ##-NoNewline
	}
	# Wait another 15 seconds before we check again.
	Start-Sleep -seconds 15
	# Refresh results
	$JsonResult = Invoke-WebRequest -Uri "https://api.ssllabs.com/api/v3/analyze?host=$URL&all=on" -ErrorAction SilentlyContinue \| ConvertFrom-Json
	}
	# Write final scanning message
	Write-Host "`rScanning $URL, PROGRESS: $($JsonResult.endpoints.progress)% - STATE: $($JsonResult.status) " -NoNewline
	}
	catch {
	# Something went wrong.
	"Error scanning $URL : $($_.Exception.Message)"
	}
	}
	end {
	# Statuspage with latest results (this one includes remarks, which is why we create another call).
	$webresults = Invoke-WebRequest -Uri "https://www.ssllabs.com/ssltest/analyze.html?d=$URL&latest"
	try {
	# Remarks are tagged with HTML div tags and a class of "warningBox, errorBox etc.", we're only intrested in messages that affects our Grade.
	# Also we're cleaning up the strings a bit.
	$Remarks = (($webresults.AllElements \| Where-Object {($_.TagName -eq "div") -and ($_.outerText -like "Grade") -and ($_.class -like "*Box")}) \| ForEach-Object {" $(($_.class).SubString(0,$_.class.Length -3)): $($_.outerText) " }).Replace("MORE INFO »","").Trim()
	}
	catch {
	# If we encounter errors or encounter a null exception, we're not going to display any remarks.
	$Remarks = ""
	}
	# Print results.
	""
	""
	switch ($($JsonResult.endpoints.grade)) {
	# Grades taken from https://community.qualys.com/docs/DOC-6321-ssl-labs-grading-2018
	"A+" { $GradeColor = [System.ConsoleColor]::Green }
	"A" { $GradeColor = [System.ConsoleColor]::DarkGreen }
	"B" { $GradeColor = [System.ConsoleColor]::Yellow }
	"C" { $GradeColor = [System.ConsoleColor]::DarkYellow }
	"D" { $GradeColor = [System.ConsoleColor]::Red }
	"F" { $GradeColor = [System.ConsoleColor]::DarkRed }
	Default { $GradeColor = [System.ConsoleColor]::Blue }
	}
	## The output of the score
	$output = "$URL scored [$($JsonResult.endpoints.grade)] on SSLLabs scan @ $DateStr"

	## Output the score onto the ISE
	Write-Host $output -ForegroundColor $GradeColor

	## If we want to write the output to a file, do it here
	##if($ouputFile) {
	Add-Content $output_file "$output"
	##}

	""
	##if ($Remarks.Count -gt 0) {
	## $Remarks.Replace(": ",": `t")
	##}
	}
	}


	## Loop through each entry in the dns list

	$reader = [System.IO.File]::OpenText($dns_list)

	while($null -ne ($dns = $reader.ReadLine())) {

	Get-SSLLabsGrade($dns) -Force;

	}