https://github.com/drwetter/testssl.sh
Tip revision: 5581499da5de0424c2d9eb713393d7a0474196d8 authored by Dirk Wetter on 02 April 2024, 09:15:12 UTC
Merge pull request #2487 from Tazmaniac/renego-fix3
CREDITS.md

Full contribution, see git log.

* Dirk Wetter (creator, maintainer and main contributor)
  - Everything that's not mentioned below and is included in testssl.sh's git log
    minus what I probably forgot to mention
    (too many other things to do at the moment, and to list it all would be a tough job)

* David Cooper (main contributor)
  - Major extensions to socket support for all protocols
  - extended parsing of TLS ServerHello messages
  - TLS 1.3 support (final and pre-final) with needed en/decryption
  - add several TLS extensions
  - Detection + output of multiple certificates
  - several cleanups of server certificate related stuff
  - testssl.sh -e/-E: testing with a mixture of openssl + sockets
  - add more ciphers
  - coloring of ciphers
  - extensive CN+SAN <--> hostname check
  - separate check for curves
  - RFC 7919, key shares extension
  - keyUsage extension in certificate
  - experimental "eTLS" detection
  - parallel mass testing!
  - RFC <--> OpenSSL cipher name space switches for the command line
  - better error msg suppression (not fully installed openssl)
  - GREASE support
  - Bleichenbacher / ROBOT vulnerability test
  - several protocol preferences improvements
  - pwnedkeys.com support
  - CT support
  - Extract CA list if CertificateRequest message is encountered
  - RFC 8879, certificate compression
  - 128 cipher limit, padding
  - compatibility for LibreSSL and different OpenSSL versions
  - Check for ffdhe groups
  - TLS 1.2 and TLS 1.3 sig algs added
  - Show server supported signature algorithms
  - Show supported certification authorities sent by the server when client auth is requested
  - Provide a better verdict with respect to server order: now per protocol, and ciphers are weighted for each protocol
  - Provide compatibility with every LibreSSL/OpenSSL version
  - Lots of fixes and improvements

##### Further credits (in alphabetical order)

* a666
  - Bugfix

* Christoph Badura
  - NetBSD fixes

* Jim Blankendaal
  - maximum certificate lifespan of 398 days
  - ssl renegotiation amount variable
  - custom http request headers

* Frank Breedijk
  - Detection of insecure redirects
  - JSON and CSV output
  - CA pinning
  - Client simulations
  - CI integration, some test cases for it

* Steven Danneman
  - Postgres and MySQL STARTTLS support
  - MongoDB support

* Christian Dresen
  - Dockerfile

* csett86
  - some MacOSX and Java client handshake data

* Mark Felder
  - lots of cleanups
  - Shellcheck static analysis

* Laine Gholson
  - avahi/mDNS support
  - HTTP2/ALPN
  - bugfixes
  - former ARM binary support

* Maciej Grela
  - colorless handling

* Jac2NL
  - initial support for skipping offensive vulnerability tests

* Scott Johnson
  - Bugfix F5

* Hubert Kario
  - helped with avoiding accidental TCP fragmentation

* Brennan Kinney
  - refactored multistage Dockerfiles: performance gain+address bugs/inconsistencies

* Magnus Larsen
  - SSL Labs Rating

* Jacco de Leeuw
  - skip checks which might trigger an IDS ($OFFENSIVE / --ids-friendly)

* Manuel
  - HTTP basic auth

* Markus Manzke
  - Fix for HSTS + subdomains
  - LibreSSL patch

* Jean Marsault
  - client auth: ideas, code snippets

* Thomas Martens
  - adding colorblind option
  - no-rfc mapping

* Peter Mosmans
  - started way better cmd line parsing
  - cleanups, fixes
  - openssl sources support with the "missing" features

* John Newbigin
  - Proxy support (sockets and openssl)

* Oleksandr Nosenko
  - non-flat JSON support (--json-pretty)
  - in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level

* Jonathan Roach
  - TLS_FALLBACK_SCSV checks

* Jonathon Rossi
  - fix for bash3 (Darwin)
  - and other Darwin fixes

* Дилян Палаузов
  - bug fix for 3des report
  - reported a tricky STARTTLS bug

* Thomas Patzke
  - Support of supplying timeout value for openssl connect

* Olivier Paroz
  - conversion xxd --> hexdump stuff

* Jeroen Wiert Pluimers
  - Darwin binaries support

* Joao Poupino
  - Minimize false positive detection for Renegotiation checks against Node.js etc.

* Rechi
  - initial MX stuff
  - fixes

* Gonçalo Ribeiro
  - --connect-timeout

* Dmitri S
  - inspiration & help for Darwin port

* Jonas Schäfer
  - XMPP server patch

* Maurizio Siddu
  - added --mTLS feature

* Marcin Szychowski
  - Quick'n'dirty client certificate support

* Viktor Szépe
  - color function maker

* Julien Vehent
  - supplied 1st Darwin binary

* Thomas Ward
  - add initial IDN support

* @typingArtist
  - improved BEAST detection

* @f-s
  - ARM binary support

* @nvsofts (NV)
  - LibreSSL patch for GOST

* @w4ntun
  - fixed DNS via proxy

Probably more people I forgot to mention who gave me feedback, bug reports and helped one way or another.


##### Last but not least:

* OpenSSL team for providing openssl.

* Ivan Ristic/Qualys for the liberal license which made it possible to make partial use of the client data

* My family for supporting me doing this work