Documentation | API JavaDoc | Changes from Upstream | Reference Tools
DeepViolet is a TLS/SSL scanning API written in Java. It provides programmatic introspection of TLS/SSL connections, including certificate chain analysis, cipher suite enumeration, risk scoring, TLS fingerprinting, post-quantum key exchange analysis, DNS security checks (CAA, DANE/TLSA), certificate revocation verification (OCSP, CRL, CT), and support for multiple naming conventions (IANA, OpenSSL, GnuTLS, NSS). Protocols SSLv2 through TLS 1.3 are supported. Multi-host scanning with configurable concurrency, section-level retry with exponential backoff, cooperative pause/cancel, event-driven monitoring, and flexible target parsing (hostnames, IPs, CIDR, IP ranges) are also available.
GUI and command-line reference tools that consume this API are available in the DeepVioletTools project.
- Java 21 or higher
- Apache Maven 3.6.3 or higher
mvn clean verifyDeepViolet is available on Maven Central. Add it to your pom.xml:
<dependency>
<groupId>com.github.spoofzu</groupId>
<artifactId>DeepViolet</artifactId>
<version>6.1.0</version>
</dependency>See docs/DeepViolet.md for architecture, features, building, API usage, and contributing guidelines.
DeepViolet was previously an OWASP project but is no longer affiliated with OWASP.
This tool implements ideas, code, and takes inspiration from other projects and leaders like: Qualys SSL Labs, Ivan Ristic, OpenSSL, and Oracle's Java Security Team. Original default cipher suite meta was are derived from Mozilla Server Side TLS v5.7 guidelines. TLS/SSL raw socket adapted from code examples by Thomas Pornin. Significant development contributions by Claude Code from Anthropic.
This project leverages the works of other open source community projects and is provided for educational purposes. Use at your own risk.
The author is an employee of Oracle Corporation. This project is a personal endeavor and is not affiliated with, sponsored by, or endorsed by Oracle. All views and code are the author's own.