diff --git a/iot/carel-plantvisor-panel.yaml b/iot/carel-plantvisor-panel.yaml
index 30b6c219e1..90ca42759f 100644
--- a/iot/carel-plantvisor-panel.yaml
+++ b/iot/carel-plantvisor-panel.yaml
@@ -1,27 +1,27 @@
-id: carel-plantvisor-panel
-
-info:
- name: CAREL Pl@ntVisor Panel
- author: Hardik-Solanki
- severity: info
- metadata:
- shodan-query: title:"CAREL Pl@ntVisor"
- tags: panels,scada,iot,carel
-
-requests:
- - method: GET
- path:
- - '{{BaseURL}}'
-
- matchers-condition: and
- matchers:
- - type: word
- part: body
- words:
- - 'CAREL Pl@ntVisor'
- - 'alt="CAREL'
- condition: or
-
- - type: status
- status:
- - 200
+id: carel-plantvisor-panel
+
+info:
+ name: CAREL Pl@ntVisor Panel
+ author: Hardik-Solanki
+ severity: info
+ metadata:
+ shodan-query: title:"CAREL Pl@ntVisor"
+ tags: panels,scada,iot,carel
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - 'CAREL Pl@ntVisor'
+ - 'alt="CAREL'
+ condition: or
+
+ - type: status
+ status:
+ - 200
diff --git a/iot/raspberry-shake-config.yaml b/iot/raspberry-shake-config.yaml
index a9e02ec00c..ff0979e246 100644
--- a/iot/raspberry-shake-config.yaml
+++ b/iot/raspberry-shake-config.yaml
@@ -1,28 +1,28 @@
-id: raspberry-shake-config
-
-info:
- name: Raspberry Shake Config Detection
- author: pussycat0x
- severity: medium
- description: |
- The Shake Board digitizer receives, processes, and interprets the sensor data in real-time, allowing for the Raspberry Pi computer to export the data for easy access. The data output can be displayed and analyzed using our own comprehensive set of web tools or any standard seismological software.
- metadata:
- verified: true
- shodan-query: title:"Raspberry Shake Config"
- tags: misconfig,unauth,iot,raspberry
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}"
-
- matchers-condition: and
- matchers:
- - type: word
- part: body
- words:
- - "Raspberry Shake Config"
-
- - type: status
- status:
- - 200
+id: raspberry-shake-config
+
+info:
+ name: Raspberry Shake Config Detection
+ author: pussycat0x
+ severity: medium
+ description: |
+ The Shake Board digitizer receives, processes, and interprets the sensor data in real-time, allowing for the Raspberry Pi computer to export the data for easy access. The data output can be displayed and analyzed using our own comprehensive set of web tools or any standard seismological software.
+ metadata:
+ verified: true
+ shodan-query: title:"Raspberry Shake Config"
+ tags: misconfig,unauth,iot,raspberry
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "Raspberry Shake Config"
+
+ - type: status
+ status:
+ - 200
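Review bot: The `severity: medium` rating and the `unauth` tag claim more than the matchers establish. The only evidence is the string `"Raspberry Shake Config"` in the body plus a 200, which identifies the page but does not show that configuration can be read or changed without authentication. The `description` describes the product rather than the finding, so a triager cannot tell what exposure is being reported. Either add a matcher on content that appears only when the configuration interface is usable without a login, or state the limit in the description, e.g. `Detects a reachable Raspberry Shake configuration page; access control is not verified.`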
diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml
index dd0e614fee..0061745d93 100644
--- a/miscellaneous/sitemap-detect.yaml
+++ b/miscellaneous/sitemap-detect.yaml
@@ -1,36 +1,36 @@
-id: sitemap-detect
-
-info:
- name: Sitemap Detection
- author: houdinis
- severity: info
- description: |
- A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them.
- metadata:
- verified: "true"
- google-query: intext:"sitemap" filetype:txt,filetype:xml inurl:sitemap,inurl:"/sitemap.xsd" ext:xsd
- tags: misc,generic,sitemap
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/sitemap.xml"
- - "{{BaseURL}}/sitemap.xsl"
- - "{{BaseURL}}/sitemap.xsd"
-
- stop-at-first-match: true
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "sitemap>"
- case-insensitive: true
-
- - type: word
- part: header
- words:
- - 'application/xml'
-
- - type: status
- status:
- - 200
+id: sitemap-detect
+
+info:
+ name: Sitemap Detection
+ author: houdinis
+ severity: info
+ description: |
+ A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them.
+ metadata:
+ verified: "true"
+ google-query: intext:"sitemap" filetype:txt,filetype:xml inurl:sitemap,inurl:"/sitemap.xsd" ext:xsd
+ tags: misc,generic,sitemap
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/sitemap.xml"
+ - "{{BaseURL}}/sitemap.xsl"
+ - "{{BaseURL}}/sitemap.xsd"
+
+ stop-at-first-match: true
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "sitemap>"
+ case-insensitive: true
+
+ - type: word
+ part: header
+ words:
+ - 'application/xml'
+
+ - type: status
+ status:
+ - 200
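Review bot: The header matcher `- 'application/xml'` makes the template miss sitemaps served as `text/xml`, and because all three matchers are AND-ed those responses are dropped silently. Consider listing both values under `words` with `condition: or` on that matcher. The first word matcher has no `part`, unlike the header one, so adding `part: body` would make the intent explicit. `verified: "true"` is a quoted string here, while the other templates in this commit use the boolean `verified: true`.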
diff --git a/misconfiguration/unauth-kubecost.yaml b/misconfiguration/unauth-kubecost.yaml
index e4051ce911..fb5384aaab 100644
--- a/misconfiguration/unauth-kubecost.yaml
+++ b/misconfiguration/unauth-kubecost.yaml
@@ -1,30 +1,30 @@
-id: unauth-kubecost
-info:
- name: KubeCost - Unauthenticated Dashboard Exposure
- author: pussycat0x
- severity: medium
- reference: https://www.facebook.com/photo?fbid=470414125129112&set=pcb.470413798462478
- metadata:
- verified: true
- shodan-query: title:kubecost
- tags: misconfig,exposure,unauth,kubecost
-
-requests:
- - method: GET
- path:
- - '{{BaseURL}}/overview.html'
-
- matchers-condition: and
- matchers:
- - type: word
- words:
- - '
Cluster Overview | Kubecost'
-
- - type: word
- part: header
- words:
- - text/html
-
- - type: status
- status:
- - 200
+id: unauth-kubecost
+info:
+ name: KubeCost - Unauthenticated Dashboard Exposure
+ author: pussycat0x
+ severity: medium
+ reference: https://www.facebook.com/photo?fbid=470414125129112&set=pcb.470413798462478
+ metadata:
+ verified: true
+ shodan-query: title:kubecost
+ tags: misconfig,exposure,unauth,kubecost
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/overview.html'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - 'Cluster Overview | Kubecost'
+
+ - type: word
+ part: header
+ words:
+ - text/html
+
+ - type: status
+ status:
+ - 200
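Review bot: The word matcher `- 'Cluster Overview | Kubecost'` has no `part`, and together with `text/html` and a 200 it only proves that the overview page shell is served. It does not show that cost or cluster data is returned without authentication, which is what `severity: medium` and the `unauth` tag assert. Add `part: body` for clarity and, if the product has one, a matcher on content that is present only in an unauthenticated session; this hunk does not show which response would carry that. The template has no `description`, and its only `reference` is a social-media photo link that may not stay resolvable, so a line such as `description: Kubecost dashboard is reachable without authentication.` would give triage some context.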
diff --git a/network/detection/activemq-openwire-transport-detect.yaml b/network/detection/activemq-openwire-transport-detect.yaml
index 38b0ca2a83..19c682dc58 100644
--- a/network/detection/activemq-openwire-transport-detect.yaml
+++ b/network/detection/activemq-openwire-transport-detect.yaml
@@ -1,31 +1,31 @@
-id: activemq-openwire-transport-detect
-
-info:
- name: ActiveMQ OpenWire Transport Detection
- author: pussycat0x
- severity: info
- description: |
- OpenWire is the native protocol that Apache ActiveMQ uses. It is designed for performance and size on the wire - sacrificing some ease of implementation with higher performance and reduced network bandwidth as a priority.
- metadata:
- verified: true
- shodan-query: 'product:"ActiveMQ OpenWire transport"'
- tags: network,activemq
-
-network:
- - inputs:
- - data: "VERSION"
-
- host:
- - "{{Hostname}}"
- - "{{Host}}:61616"
-
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "ActiveMQ"
-
- extractors:
- - type: regex
- regex:
- - "ProviderVersion...([0-9.]+)"
+id: activemq-openwire-transport-detect
+
+info:
+ name: ActiveMQ OpenWire Transport Detection
+ author: pussycat0x
+ severity: info
+ description: |
+ OpenWire is the native protocol that Apache ActiveMQ uses. It is designed for performance and size on the wire - sacrificing some ease of implementation with higher performance and reduced network bandwidth as a priority.
+ metadata:
+ verified: true
+ shodan-query: 'product:"ActiveMQ OpenWire transport"'
+ tags: network,activemq
+
+network:
+ - inputs:
+ - data: "VERSION"
+
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:61616"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "ActiveMQ"
+
+ extractors:
+ - type: regex
+ regex:
+ - "ProviderVersion...([0-9.]+)"
diff --git a/network/detection/apache-activemq-detect.yaml b/network/detection/apache-activemq-detect.yaml
index 0c096a254b..798541a353 100644
--- a/network/detection/apache-activemq-detect.yaml
+++ b/network/detection/apache-activemq-detect.yaml
@@ -1,27 +1,27 @@
-id: apache-activemq-detect
-
-info:
- name: Apache ActiveMQ Detection
- author: pussycat0x
- severity: info
- description: |
- Apache ActiveMQ is an open source message broker written in Java together with a full Java Message Service client. It provides "Enterprise Features" which in this case means fostering the communication from more than one client or server.
- metadata:
- verified: true
- shodan-query: 'product:"Apache ActiveMQ"'
- tags: network,activemq,oss
-
-network:
- - inputs:
- - data: "HELP\n\n\u0000"
-
- host:
- - "{{Hostname}}"
- - "{{Host}}:61613"
-
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "Unknown STOMP action"
- - "norg.apache.activemq.transport.stomp"
+id: apache-activemq-detect
+
+info:
+ name: Apache ActiveMQ Detection
+ author: pussycat0x
+ severity: info
+ description: |
+ Apache ActiveMQ is an open source message broker written in Java together with a full Java Message Service client. It provides "Enterprise Features" which in this case means fostering the communication from more than one client or server.
+ metadata:
+ verified: true
+ shodan-query: 'product:"Apache ActiveMQ"'
+ tags: network,activemq,oss
+
+network:
+ - inputs:
+ - data: "HELP\n\n\u0000"
+
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:61613"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "Unknown STOMP action"
+ - "norg.apache.activemq.transport.stomp"
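Review bot: The two entries under `words` are OR-ed, because the word-level `condition` is absent and `matchers-condition: and` only combines separate matchers, of which there is one. The sibling templates esmtp-detect, imap-detect and rabbitmq-detect in this commit set `condition: and` explicitly. If both strings are required, add `condition: and` under the matcher; if either is enough, drop the no-op `matchers-condition` and say so in a comment. The leading `n` in `"norg.apache.activemq.transport.stomp"` looks like the remains of an escaped newline; if so, `"org.apache.activemq.transport.stomp"` still matches and reads as intended.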
diff --git a/network/detection/clamav-detect.yaml b/network/detection/clamav-detect.yaml
index b0600d0c2f..a5a6c8f0c7 100644
--- a/network/detection/clamav-detect.yaml
+++ b/network/detection/clamav-detect.yaml
@@ -1,29 +1,29 @@
-id: clamav-detect
-
-info:
- name: ClamAV Server Detect
- author: pussycat0x
- severity: info
- description: |
- Clam AntiVirus is a free software, cross-platform antimalware toolkit able to detect many types of malware, including viruses.
- metadata:
- verified: true
- shodan-query: 'port:3310 product:"ClamAV"'
- tags: network,clamav
-
-network:
- - inputs:
- - data: "VERSION"
- host:
- - "{{Hostname}}"
- - "{{Host}}:3310"
-
- matchers:
- - type: regex
- regex:
- - 'ClamAV ([0-9.]+)'
-
- extractors:
- - type: regex
- regex:
- - "ClamAV ([0-9.]+)"
+id: clamav-detect
+
+info:
+ name: ClamAV Server Detect
+ author: pussycat0x
+ severity: info
+ description: |
+ Clam AntiVirus is a free software, cross-platform antimalware toolkit able to detect many types of malware, including viruses.
+ metadata:
+ verified: true
+ shodan-query: 'port:3310 product:"ClamAV"'
+ tags: network,clamav
+
+network:
+ - inputs:
+ - data: "VERSION"
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:3310"
+
+ matchers:
+ - type: regex
+ regex:
+ - 'ClamAV ([0-9.]+)'
+
+ extractors:
+ - type: regex
+ regex:
+ - "ClamAV ([0-9.]+)"
diff --git a/network/detection/cql-native-transport.yaml b/network/detection/cql-native-transport.yaml
index 34e00e427f..642a10ddb8 100644
--- a/network/detection/cql-native-transport.yaml
+++ b/network/detection/cql-native-transport.yaml
@@ -1,37 +1,37 @@
-id: cql-native-transport
-
-info:
- name: CQL Native Transport Detect
- author: pussycat0x
- severity: info
- description: |
- Native transport requests (NTR) are any requests made via the CQL Native Protocol. CQL Native Protocol is the way the Cassandra driver communicates with the server.
- metadata:
- verified: true
- shodan-query: "cassandra"
- tags: network,cassandra,cql
-
-network:
- - inputs:
- - data: "/n"
- - data: "/n"
- - data: "/n"
- - data: "/n"
- - data: "/n"
- - data: "/n"
- - data: "/n"
- - data: "/n"
-
- host:
- - "{{Hostname}}"
- - "{{Host}}:9042"
-
- matchers:
- - type: word
- words:
- - "valid or unsupported protocol"
-
- extractors:
- - type: regex
- regex:
- - "protocol version: ([0-9]+)"
+id: cql-native-transport
+
+info:
+ name: CQL Native Transport Detect
+ author: pussycat0x
+ severity: info
+ description: |
+ Native transport requests (NTR) are any requests made via the CQL Native Protocol. CQL Native Protocol is the way the Cassandra driver communicates with the server.
+ metadata:
+ verified: true
+ shodan-query: "cassandra"
+ tags: network,cassandra,cql
+
+network:
+ - inputs:
+ - data: "/n"
+ - data: "/n"
+ - data: "/n"
+ - data: "/n"
+ - data: "/n"
+ - data: "/n"
+ - data: "/n"
+ - data: "/n"
+
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:9042"
+
+ matchers:
+ - type: word
+ words:
+ - "valid or unsupported protocol"
+
+ extractors:
+ - type: regex
+ regex:
+ - "protocol version: ([0-9]+)"
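Review bot: Each of the eight `- data: "/n"` inputs sends the two literal characters `/` and `n`, not a newline. The other network templates in this commit use `"\n"`, so this looks like a typo. The match probably still fires because any non-CQL bytes draw the error text the word matcher looks for, but that is incidental, and eight writes is more traffic than a fingerprint needs. If a newline was intended, use `- data: "\n"`, and either add a comment explaining why the input is repeated or reduce it to one input if a single write already triggers the error.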
diff --git a/network/detection/esmtp-detect.yaml b/network/detection/esmtp-detect.yaml
index aa1d0dc904..7cda41d355 100644
--- a/network/detection/esmtp-detect.yaml
+++ b/network/detection/esmtp-detect.yaml
@@ -1,30 +1,30 @@
-id: esmtp-detect
-
-info:
- name: ESMTP Detection
- author: pussycat0x
- severity: info
- description: |
- ESMTP (Extended Simple Mail Transfer Protocol) specifies extensions to the original protocol for sending e-mail that supports graphics, audio and video files, and text in various national languages
- reference:
- - https://nmap.org/nsedoc/scripts/smtp-open-relay.html
- metadata:
- verified: true
- shodan-query: 'ESMTP'
- tags: network,detect,smtp,mail
-
-network:
- - inputs:
- - data: "\n"
-
- host:
- - "{{Hostname}}"
- - "{{Host}}:25"
-
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "ESMTP Postfix"
- - "220"
- condition: and
+id: esmtp-detect
+
+info:
+ name: ESMTP Detection
+ author: pussycat0x
+ severity: info
+ description: |
+ ESMTP (Extended Simple Mail Transfer Protocol) specifies extensions to the original protocol for sending e-mail that supports graphics, audio and video files, and text in various national languages
+ reference:
+ - https://nmap.org/nsedoc/scripts/smtp-open-relay.html
+ metadata:
+ verified: true
+ shodan-query: 'ESMTP'
+ tags: network,detect,smtp,mail
+
+network:
+ - inputs:
+ - data: "\n"
+
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:25"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "ESMTP Postfix"
+ - "220"
+ condition: and
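Review bot: The matcher requires `"ESMTP Postfix"`, so a template named `ESMTP Detection` reports only Postfix banners and stays silent for every other ESMTP server; an inventory built on it will under-count exposed mail servers. `"220"` is also matched anywhere in the response rather than as the leading status code. Either narrow the `name` and `description` to Postfix, or match the generic banner with a regex matcher such as `'^220[ -].*ESMTP'` and add an extractor for the server product. The `reference` points to an open-relay check, which this template does not perform.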
diff --git a/network/detection/gnu-inetutils-ftpd-detect.yaml b/network/detection/gnu-inetutils-ftpd-detect.yaml
index 9bde8bacea..1dba45a12f 100644
--- a/network/detection/gnu-inetutils-ftpd-detect.yaml
+++ b/network/detection/gnu-inetutils-ftpd-detect.yaml
@@ -1,29 +1,29 @@
-id: gnu-inetutils-ftpd-detect
-
-info:
- name: GNU Inetutils FTPd Detect
- author: pussycat0x
- severity: info
- description: |
- The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
- metadata:
- verified: true
- shodan-query: 'product:"GNU Inetutils FTPd"'
- tags: network,ftp,smartgateway,gnu,inetutils
-
-network:
- - inputs:
- - data: "\n"
- host:
- - "{{Hostname}}"
- - "{{Host}}:21"
-
- matchers:
- - type: word
- words:
- - "SmartGateway FTP server"
-
- extractors:
- - type: regex
- regex:
- - "GNU inetutils ([0-9.]+)"
+id: gnu-inetutils-ftpd-detect
+
+info:
+ name: GNU Inetutils FTPd Detect
+ author: pussycat0x
+ severity: info
+ description: |
+ The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
+ metadata:
+ verified: true
+ shodan-query: 'product:"GNU Inetutils FTPd"'
+ tags: network,ftp,smartgateway,gnu,inetutils
+
+network:
+ - inputs:
+ - data: "\n"
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:21"
+
+ matchers:
+ - type: word
+ words:
+ - "SmartGateway FTP server"
+
+ extractors:
+ - type: regex
+ regex:
+ - "GNU inetutils ([0-9.]+)"
diff --git a/network/detection/imap-detect.yaml b/network/detection/imap-detect.yaml
index d644e46c7b..caaa842c2e 100644
--- a/network/detection/imap-detect.yaml
+++ b/network/detection/imap-detect.yaml
@@ -1,28 +1,28 @@
-id: imap-detect
-
-info:
- name: Imap Detection
- author: pussycat0x
- severity: info
- description: |
- IMAP is an application-layer protocol used by email clients to retrieve messages from a mail server. It was designed to manage multiple email clients, therefore clients generally leave messages on the server until the user explicitly deletes them.
- metadata:
- verified: true
- shodan-query: 'imap'
- tags: network,detect,imap,mail
-
-network:
- - inputs:
- - data: "\n"
-
- host:
- - "{{Hostname}}"
- - "{{Host}}:143"
-
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "OK "
- - "IMAP4rev1"
- condition: and
+id: imap-detect
+
+info:
+ name: Imap Detection
+ author: pussycat0x
+ severity: info
+ description: |
+ IMAP is an application-layer protocol used by email clients to retrieve messages from a mail server. It was designed to manage multiple email clients, therefore clients generally leave messages on the server until the user explicitly deletes them.
+ metadata:
+ verified: true
+ shodan-query: 'imap'
+ tags: network,detect,imap,mail
+
+network:
+ - inputs:
+ - data: "\n"
+
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:143"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "OK "
+ - "IMAP4rev1"
+ condition: and
diff --git a/network/detection/microsoft-ftp-service.yaml b/network/detection/microsoft-ftp-service.yaml
index 2adc3f2da4..0ade65a1fa 100644
--- a/network/detection/microsoft-ftp-service.yaml
+++ b/network/detection/microsoft-ftp-service.yaml
@@ -1,25 +1,25 @@
-id: microsoft-ftp-service
-
-info:
- name: Microsoft FTP Service Detect
- author: pussycat0x
- severity: info
- description: |
- The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
- metadata:
- verified: true
- shodan-query: "Microsoft FTP Service"
- tags: network,ftp,microsoft
-
-network:
-
- - inputs:
- - data: "\n"
- host:
- - "{{Hostname}}"
- - "{{Host}}:21"
-
- matchers:
- - type: word
- words:
- - "Microsoft FTP Service"
+id: microsoft-ftp-service
+
+info:
+ name: Microsoft FTP Service Detect
+ author: pussycat0x
+ severity: info
+ description: |
+ The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
+ metadata:
+ verified: true
+ shodan-query: "Microsoft FTP Service"
+ tags: network,ftp,microsoft
+
+network:
+
+ - inputs:
+ - data: "\n"
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:21"
+
+ matchers:
+ - type: word
+ words:
+ - "Microsoft FTP Service"
diff --git a/network/detection/mikrotik-ftp-server-detect.yaml b/network/detection/mikrotik-ftp-server-detect.yaml
index b61e8b144c..87596f81d5 100644
--- a/network/detection/mikrotik-ftp-server-detect.yaml
+++ b/network/detection/mikrotik-ftp-server-detect.yaml
@@ -1,30 +1,30 @@
-id: mikrotik-ftp-server-detect
-
-info:
- name: MikroTik FTP server Detect
- author: pussycat0x
- severity: info
- description: |
- The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
- metadata:
- verified: true
- shodan-query: 'product:"MikroTik router ftpd"'
- tags: network,ftp,mikrotik,router
-
-network:
- - inputs:
- - data: "\n"
- host:
- - "{{Hostname}}"
- - "{{Host}}:21"
-
- matchers:
- - type: word
- part: body
- words:
- - "MikroTik FTP"
-
- extractors:
- - type: regex
- regex:
- - "MikroTik ([0-9.]+)"
+id: mikrotik-ftp-server-detect
+
+info:
+ name: MikroTik FTP server Detect
+ author: pussycat0x
+ severity: info
+ description: |
+ The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
+ metadata:
+ verified: true
+ shodan-query: 'product:"MikroTik router ftpd"'
+ tags: network,ftp,mikrotik,router
+
+network:
+ - inputs:
+ - data: "\n"
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:21"
+
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "MikroTik FTP"
+
+ extractors:
+ - type: regex
+ regex:
+ - "MikroTik ([0-9.]+)"
diff --git a/network/detection/proftpd-server-detect.yaml b/network/detection/proftpd-server-detect.yaml
index 0c8b7360e8..e30e97cb93 100644
--- a/network/detection/proftpd-server-detect.yaml
+++ b/network/detection/proftpd-server-detect.yaml
@@ -1,29 +1,29 @@
-id: proftpd-server-detect
-
-info:
- name: ProFTPD Server Detect
- author: pussycat0x
- severity: info
- description: |
- The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
- metadata:
- verified: true
- shodan-query: 'product:"ProFTPD"'
- tags: network,ftp,proftpd
-
-network:
- - inputs:
- - data: "\n"
- host:
- - "{{Hostname}}"
- - "{{Host}}:21"
-
- matchers:
- - type: word
- words:
- - "ProFTPD Server"
-
- extractors:
- - type: regex
- regex:
- - "ProFTPD ([0-9.a-z]+) Server"
+id: proftpd-server-detect
+
+info:
+ name: ProFTPD Server Detect
+ author: pussycat0x
+ severity: info
+ description: |
+ The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
+ metadata:
+ verified: true
+ shodan-query: 'product:"ProFTPD"'
+ tags: network,ftp,proftpd
+
+network:
+ - inputs:
+ - data: "\n"
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:21"
+
+ matchers:
+ - type: word
+ words:
+ - "ProFTPD Server"
+
+ extractors:
+ - type: regex
+ regex:
+ - "ProFTPD ([0-9.a-z]+) Server"
diff --git a/network/detection/rabbitmq-detect.yaml b/network/detection/rabbitmq-detect.yaml
index 101377d9bd..0be8785c61 100644
--- a/network/detection/rabbitmq-detect.yaml
+++ b/network/detection/rabbitmq-detect.yaml
@@ -1,30 +1,30 @@
-id: rabbitmq-detect
-
-info:
- name: RabbitMQ Detection
- author: pussycat0x
- severity: info
- description: |
- RabbitMQ is an open-source message-broker software that originally implemented the Advanced Message Queuing Protocol and has since been extended with a plug-in architecture to support Streaming Text Oriented Messaging Protocol, MQ Telemetry Transport, and other protocols.
- reference:
- - https://nmap.org/nsedoc/scripts/amqp-info.html
- metadata:
- verified: true
- shodan-query: product:"RabbitMQ"
- tags: network,rabbitmq,oss
-
-network:
- - inputs:
- - data: "AMQP\u0000\u0000\t\u0001"
-
- host:
- - "{{Hostname}}"
- - "{{Host}}:5672"
-
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "publisher_confirmst"
- - "RabbitMQ"
- condition: and
+id: rabbitmq-detect
+
+info:
+ name: RabbitMQ Detection
+ author: pussycat0x
+ severity: info
+ description: |
+ RabbitMQ is an open-source message-broker software that originally implemented the Advanced Message Queuing Protocol and has since been extended with a plug-in architecture to support Streaming Text Oriented Messaging Protocol, MQ Telemetry Transport, and other protocols.
+ reference:
+ - https://nmap.org/nsedoc/scripts/amqp-info.html
+ metadata:
+ verified: true
+ shodan-query: product:"RabbitMQ"
+ tags: network,rabbitmq,oss
+
+network:
+ - inputs:
+ - data: "AMQP\u0000\u0000\t\u0001"
+
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:5672"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "publisher_confirmst"
+ - "RabbitMQ"
+ condition: and
diff --git a/network/detection/riak-detect.yaml b/network/detection/riak-detect.yaml
index 4a89a17828..f710369316 100644
--- a/network/detection/riak-detect.yaml
+++ b/network/detection/riak-detect.yaml
@@ -1,31 +1,31 @@
-id: riak-detect
-
-info:
- name: Riak Detection
- author: pussycat0x
- severity: info
- description: Riak is a distributed NoSQL key-value data store that offers high availability, fault tolerance, operational simplicity, and scalability.
- metadata:
- verified: true
- shodan-query: product:"Riak"
- tags: network,oss
-
-network:
- - inputs:
- - data: 0000000107
- type: hex
-
- host:
- - "{{Hostname}}"
- - "{{Host}}:8087"
-
- read-size: 2048
- matchers:
- - type: word
- words:
- - "riak"
-
- extractors:
- - type: regex
- regex:
- - "riak@([0-9.]+)..([0-9.]+([a-z]+[0-9]))"
+id: riak-detect
+
+info:
+ name: Riak Detection
+ author: pussycat0x
+ severity: info
+ description: Riak is a distributed NoSQL key-value data store that offers high availability, fault tolerance, operational simplicity, and scalability.
+ metadata:
+ verified: true
+ shodan-query: product:"Riak"
+ tags: network,oss
+
+network:
+ - inputs:
+ - data: 0000000107
+ type: hex
+
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:8087"
+
+ read-size: 2048
+ matchers:
+ - type: word
+ words:
+ - "riak"
+
+ extractors:
+ - type: regex
+ regex:
+ - "riak@([0-9.]+)..([0-9.]+([a-z]+[0-9]))"
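Review bot: `- data: 0000000107` is an unquoted digit string with leading zeros. A YAML 1.1 loader resolves such a scalar as an octal integer (71) and a YAML 1.2 loader as decimal 107, so the hex payload survives only if the consumer reads the raw text into a string field. Quote it: `- data: "0000000107"`. The `tags` line also lacks a `riak` tag, while the other detection templates in this commit tag the product name.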
diff --git a/network/detection/sshd-dropbear-detect.yaml b/network/detection/sshd-dropbear-detect.yaml
index 098a24b3ee..c458ae3e73 100644
--- a/network/detection/sshd-dropbear-detect.yaml
+++ b/network/detection/sshd-dropbear-detect.yaml
@@ -1,30 +1,30 @@
-id: sshd-dropbear-detect
-
-info:
- name: Dropbear sshd Detection
- author: pussycat0x
- severity: info
- description: |
- Dropbear is a software package written by Matt Johnston that provides a Secure Shell-compatible server and client. It is designed as a replacement for standard OpenSSH for environments with low memory and processor resources, such as embedded systems
- metadata:
- verified: true
- shodan-query: 'product:"Dropbear sshd"'
- tags: network,ssh,dropbear
-
-network:
-
- - inputs:
- - data: "\n"
- host:
- - "{{Hostname}}"
- - "{{Host}}:22"
-
- matchers:
- - type: word
- words:
- - "dropbear"
-
- extractors:
- - type: regex
- regex:
- - "SSH-([0-9.]+)-dropbear_([0-9.]+)"
+id: sshd-dropbear-detect
+
+info:
+ name: Dropbear sshd Detection
+ author: pussycat0x
+ severity: info
+ description: |
+ Dropbear is a software package written by Matt Johnston that provides a Secure Shell-compatible server and client. It is designed as a replacement for standard OpenSSH for environments with low memory and processor resources, such as embedded systems
+ metadata:
+ verified: true
+ shodan-query: 'product:"Dropbear sshd"'
+ tags: network,ssh,dropbear
+
+network:
+
+ - inputs:
+ - data: "\n"
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:22"
+
+ matchers:
+ - type: word
+ words:
+ - "dropbear"
+
+ extractors:
+ - type: regex
+ regex:
+ - "SSH-([0-9.]+)-dropbear_([0-9.]+)"
diff --git a/network/detection/vmware-authentication-daemon-detect.yaml b/network/detection/vmware-authentication-daemon-detect.yaml
index e95b503f7f..18fff5eb7b 100644
--- a/network/detection/vmware-authentication-daemon-detect.yaml
+++ b/network/detection/vmware-authentication-daemon-detect.yaml
@@ -1,32 +1,32 @@
-id: vmware-authentication-daemon
-
-info:
- name: VMware Authentication Daemon Detection
- author: pussycat0x
- severity: info
- description: |
- vmauthd is the VMWare authentication daemon that is included with many VMWare products, including ESX(i), and Workstation.
- metadata:
- verified: true
- shodan-query: 'product:"VMware Authentication Daemon"'
- tags: network,vmware,authenticated
-
-network:
-
- - inputs:
- - data: "\n"
- host:
- - "{{Hostname}}"
- - "{{Host}}:902"
-
- matchers:
- - type: word
- words:
- - "ServerDaemonProtocol:SOAP"
- - "MKSDisplayProtocol:VNC"
- condition: and
-
- extractors:
- - type: regex
- regex:
- - "VMware Authentication Daemon Version ([0-9.]+)"
+id: vmware-authentication-daemon
+
+info:
+ name: VMware Authentication Daemon Detection
+ author: pussycat0x
+ severity: info
+ description: |
+ vmauthd is the VMWare authentication daemon that is included with many VMWare products, including ESX(i), and Workstation.
+ metadata:
+ verified: true
+ shodan-query: 'product:"VMware Authentication Daemon"'
+ tags: network,vmware,authenticated
+
+network:
+
+ - inputs:
+ - data: "\n"
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:902"
+
+ matchers:
+ - type: word
+ words:
+ - "ServerDaemonProtocol:SOAP"
+ - "MKSDisplayProtocol:VNC"
+ condition: and
+
+ extractors:
+ - type: regex
+ regex:
+ - "VMware Authentication Daemon Version ([0-9.]+)"
diff --git a/network/detection/xlight-ftp-service-detect.yaml b/network/detection/xlight-ftp-service-detect.yaml
index c2092d2355..5ff895ebf3 100644
--- a/network/detection/xlight-ftp-service-detect.yaml
+++ b/network/detection/xlight-ftp-service-detect.yaml
@@ -1,31 +1,31 @@
-id: xlight-ftp-service-detect
-
-info:
- name: Xlight FTP Service Detect
- author: pussycat0x
- severity: info
- description: |
- The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
- metadata:
- verified: true
- shodan-query: 'product:"Xlight ftpd"'
- tags: network,ftp,xlight
-
-network:
-
- - inputs:
- - data: "\n"
- host:
- - "{{Hostname}}"
- - "{{Host}}:21"
-
- matchers:
- - type: word
- part: body
- words:
- - "Xlight FTP Server"
-
- extractors:
- - type: regex
- regex:
- - "Xlight FTP Server ([0-9.]+)"
+id: xlight-ftp-service-detect
+
+info:
+ name: Xlight FTP Service Detect
+ author: pussycat0x
+ severity: info
+ description: |
+ The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.
+ metadata:
+ verified: true
+ shodan-query: 'product:"Xlight ftpd"'
+ tags: network,ftp,xlight
+
+network:
+
+ - inputs:
+ - data: "\n"
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:21"
+
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "Xlight FTP Server"
+
+ extractors:
+ - type: regex
+ regex:
+ - "Xlight FTP Server ([0-9.]+)"
diff --git a/ssl/weak-cipher-suites.yaml b/ssl/weak-cipher-suites.yaml
index df065b42ff..e3f76814ef 100644
--- a/ssl/weak-cipher-suites.yaml
+++ b/ssl/weak-cipher-suites.yaml
@@ -1,858 +1,858 @@
-id: weak-cipher-suites
-
-info:
- name: Weak Cipher Suites Detection
- author: pussycat0x
- severity: medium
- reference:
- - https://www.acunetix.com/vulnerabilities/web/tls-ssl-weak-cipher-suites/
- - http://ciphersuite.info
- description:
- A weak cipher is defined as an encryption/decryption algorithm that uses a key of insufficient length. Using an insufficient length for a key
- in an encryption/decryption algorithm opens up the possibility (or probability) that the encryption scheme could be broken.
- tags: ssl,tls,misconfig
-
-ssl:
- - address: "{{Host}}:{{Port}}"
- min_version: tls10
- max_version: tls10
-
- extractors:
- - type: dsl
- dsl:
- - "tls_version, cipher"
-
- matchers:
- - type: word
- part: cipher
- words:
- - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_IDEA_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_RSA_WITH_AES_128_CCM"
- - "TLS_RSA_WITH_AES_256_CCM"
- - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- - "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- - "TLS_PSK_WITH_AES_128_CCM_8"
- - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- - "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_RSA_WITH_AES_256_CCM_8"
- - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CCM_8"
- - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_PSK_WITH_AES_128_CCM"
- - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- - "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_PSK_WITH_AES_128_GCM_SHA256"
- - "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_RSA_WITH_SEED_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_256_CCM"
- - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_PSK_WITH_AES_256_CCM_8"
- - "TLS_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_KRB5_WITH_IDEA_CBC_SHA"
- condition: or
-
- - address: "{{Host}}:{{Port}}"
- min_version: tls11
- max_version: tls11
-
- extractors:
- - type: dsl
- dsl:
- - "tls_version, cipher"
-
- matchers:
- - type: word
- part: cipher
- words:
- - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_IDEA_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_RSA_WITH_AES_128_CCM"
- - "TLS_RSA_WITH_AES_256_CCM"
- - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- - "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- - "TLS_PSK_WITH_AES_128_CCM_8"
- - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- - "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_RSA_WITH_AES_256_CCM_8"
- - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CCM_8"
- - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_PSK_WITH_AES_128_CCM"
- - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- - "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_PSK_WITH_AES_128_GCM_SHA256"
- - "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_RSA_WITH_SEED_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_256_CCM"
- - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_PSK_WITH_AES_256_CCM_8"
- - "TLS_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_KRB5_WITH_IDEA_CBC_SHA"
- condition: or
-
- - address: "{{Host}}:{{Port}}"
- min_version: tls12
- max_version: tls12
-
- extractors:
- - type: dsl
- dsl:
- - "tls_version, cipher"
-
- matchers:
- - type: word
- part: cipher
- words:
- - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_IDEA_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_RSA_WITH_AES_128_CCM"
- - "TLS_RSA_WITH_AES_256_CCM"
- - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- - "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- - "TLS_PSK_WITH_AES_128_CCM_8"
- - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- - "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_RSA_WITH_AES_256_CCM_8"
- - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CCM_8"
- - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_PSK_WITH_AES_128_CCM"
- - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- - "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_PSK_WITH_AES_128_GCM_SHA256"
- - "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_RSA_WITH_SEED_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_256_CCM"
- - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_PSK_WITH_AES_256_CCM_8"
- - "TLS_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_KRB5_WITH_IDEA_CBC_SHA"
- condition: or
-
- - address: "{{Host}}:{{Port}}"
- min_version: tls13
- max_version: tls13
-
- extractors:
- - type: dsl
- dsl:
- - "tls_version, cipher"
-
- matchers:
- - type: word
- part: cipher
- words:
- - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_IDEA_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_RSA_WITH_AES_128_CCM"
- - "TLS_RSA_WITH_AES_256_CCM"
- - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- - "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- - "TLS_PSK_WITH_AES_128_CCM_8"
- - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- - "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_RSA_WITH_AES_256_CCM_8"
- - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_WITH_AES_128_CCM_8"
- - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_PSK_WITH_AES_128_CCM"
- - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- - "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- - "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_RSA_WITH_AES_256_CBC_SHA256"
- - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_PSK_WITH_AES_128_GCM_SHA256"
- - "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_256_GCM_SHA384"
- - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- - "TLS_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_RSA_WITH_SEED_CBC_SHA"
- - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- - "TLS_PSK_WITH_AES_256_CCM"
- - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- - "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- - "TLS_PSK_WITH_AES_256_CCM_8"
- - "TLS_RSA_WITH_AES_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- - "TLS_KRB5_WITH_IDEA_CBC_SHA"
- condition: or
+id: weak-cipher-suites
+
+info:
+ name: Weak Cipher Suites Detection
+ author: pussycat0x
+ severity: medium
+ reference:
+ - https://www.acunetix.com/vulnerabilities/web/tls-ssl-weak-cipher-suites/
+ - http://ciphersuite.info
+ description:
+ A weak cipher is defined as an encryption/decryption algorithm that uses a key of insufficient length. Using an insufficient length for a key
+ in an encryption/decryption algorithm opens up the possibility (or probability) that the encryption scheme could be broken.
+ tags: ssl,tls,misconfig
+
+ssl:
+ - address: "{{Host}}:{{Port}}"
+ min_version: tls10
+ max_version: tls10
+
+ extractors:
+ - type: dsl
+ dsl:
+ - "tls_version, cipher"
+
+ matchers:
+ - type: word
+ part: cipher
+ words:
+ - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_IDEA_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DH_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
+ - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_RSA_WITH_AES_128_CCM"
+ - "TLS_RSA_WITH_AES_256_CCM"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
+ - "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_SEED_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_128_CCM_8"
+ - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_RSA_WITH_AES_256_CCM_8"
+ - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CCM_8"
+ - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_PSK_WITH_AES_128_CCM"
+ - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_PSK_WITH_AES_128_GCM_SHA256"
+ - "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_256_CCM"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_256_CCM_8"
+ - "TLS_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_KRB5_WITH_IDEA_CBC_SHA"
+ condition: or
+
+ - address: "{{Host}}:{{Port}}"
+ min_version: tls11
+ max_version: tls11
+
+ extractors:
+ - type: dsl
+ dsl:
+ - "tls_version, cipher"
+
+ matchers:
+ - type: word
+ part: cipher
+ words:
+ - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_IDEA_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DH_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
+ - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_RSA_WITH_AES_128_CCM"
+ - "TLS_RSA_WITH_AES_256_CCM"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
+ - "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_SEED_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_128_CCM_8"
+ - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_RSA_WITH_AES_256_CCM_8"
+ - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CCM_8"
+ - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_PSK_WITH_AES_128_CCM"
+ - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_PSK_WITH_AES_128_GCM_SHA256"
+ - "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_256_CCM"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_256_CCM_8"
+ - "TLS_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_KRB5_WITH_IDEA_CBC_SHA"
+ condition: or
+
+ - address: "{{Host}}:{{Port}}"
+ min_version: tls12
+ max_version: tls12
+
+ extractors:
+ - type: dsl
+ dsl:
+ - "tls_version, cipher"
+
+ matchers:
+ - type: word
+ part: cipher
+ words:
+ - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_IDEA_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DH_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
+ - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_RSA_WITH_AES_128_CCM"
+ - "TLS_RSA_WITH_AES_256_CCM"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
+ - "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_SEED_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_128_CCM_8"
+ - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_RSA_WITH_AES_256_CCM_8"
+ - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CCM_8"
+ - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_PSK_WITH_AES_128_CCM"
+ - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_PSK_WITH_AES_128_GCM_SHA256"
+ - "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_256_CCM"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_256_CCM_8"
+ - "TLS_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_KRB5_WITH_IDEA_CBC_SHA"
+ condition: or
+
+ - address: "{{Host}}:{{Port}}"
+ min_version: tls13
+ max_version: tls13
+
+ extractors:
+ - type: dsl
+ dsl:
+ - "tls_version, cipher"
+
+ matchers:
+ - type: word
+ part: cipher
+ words:
+ - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_IDEA_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DH_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
+ - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_RSA_WITH_AES_128_CCM"
+ - "TLS_RSA_WITH_AES_256_CCM"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
+ - "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_SEED_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_128_CCM_8"
+ - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_RSA_WITH_AES_256_CCM_8"
+ - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_WITH_AES_128_CCM_8"
+ - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_PSK_WITH_AES_128_CCM"
+ - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
+ - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
+ - "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
+ - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
+ - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_RSA_WITH_AES_256_CBC_SHA256"
+ - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
+ - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
+ - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_PSK_WITH_AES_128_GCM_SHA256"
+ - "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_256_GCM_SHA384"
+ - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
+ - "TLS_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_RSA_WITH_SEED_CBC_SHA"
+ - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
+ - "TLS_PSK_WITH_AES_256_CCM"
+ - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
+ - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
+ - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
+ - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
+ - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_PSK_WITH_AES_256_CCM_8"
+ - "TLS_RSA_WITH_AES_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
+ - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
+ - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
+ - "TLS_KRB5_WITH_IDEA_CBC_SHA"
+ condition: or
diff --git a/technologies/xerox-workcentre-detect.yaml b/technologies/xerox-workcentre-detect.yaml
index d55012c6b6..c6610fcdff 100644
--- a/technologies/xerox-workcentre-detect.yaml
+++ b/technologies/xerox-workcentre-detect.yaml
@@ -1,28 +1,28 @@
-id: xerox-workcentre-detect
-
-info:
- name: Xerox Workcentre Detect
- author: pussycat0x
- severity: info
- metadata:
- verified: true
- shodan-query: title:"XEROX WORKCENTRE"
- tags: tech,xerox,workcentre
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/index.dhtml"
-
- matchers-condition: and
- matchers:
- - type: word
- part: body
- words:
- - "XEROX WORKCENTRE"
- - "/header.php?tab=status"
- condition: and
-
- - type: status
- status:
- - 200
+id: xerox-workcentre-detect
+
+info:
+ name: Xerox Workcentre Detect
+ author: pussycat0x
+ severity: info
+ metadata:
+ verified: true
+ shodan-query: title:"XEROX WORKCENTRE"
+ tags: tech,xerox,workcentre
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.dhtml"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "XEROX WORKCENTRE"
+ - "/header.php?tab=status"
+ condition: and
+
+ - type: status
+ status:
+ - 200