Built off the open source project Osquery
This query is designed to find Windows systems (Win7, Win Server 2012 R2 and above) that have overridden the disabling of insecure TLS versions. The output looks like:
select
case
when data = '0' then 'TRUE'
else 'FALSE'
end 'insecure_protocol_enabled',
split(key,'\\',7) as 'protocol',
split(key,'\\',8) as 'type'
from registry
where key like 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\%\%'
and name = 'DisabledByDefault'
and split(split(key,'\\',7),' ',1) < '1.2';
Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.