diff --git a/pkgs/development/python-modules/sslyze/default.nix b/pkgs/development/python-modules/sslyze/default.nix
index 5680b4bd36b3..587572646abc 100644
--- a/pkgs/development/python-modules/sslyze/default.nix
+++ b/pkgs/development/python-modules/sslyze/default.nix
@@ -1,52 +1,107 @@
 { lib
 , fetchFromGitHub
 , buildPythonPackage
-, nassl
-, cryptography
-, typing-extensions
-, faker
 , pytestCheckHook
 , pythonOlder
+  # deps
+, cryptography
+, nassl
+, pydantic
+, tls-parser
+  # check deps
+, faker
+, openssl_1_0_2
+, openssl_1_1
 }:
 
 buildPythonPackage rec {
   pname = "sslyze";
-  version = "4.1.0";
+  version = "5.0.0";
   disabled = pythonOlder "3.7";
 
   src = fetchFromGitHub {
     owner = "nabla-c0d3";
     repo = pname;
     rev = version;
-    hash = "sha256-oSTKNiECczlPAbv5Azc023PcquFbnlC5O+8tVgNcUW0=";
+    hash = "sha256-7kUriEMHcGCXKs42KVWxXvM+JEEWf/8tnuoGujHbqHY=";
   };
 
   patchPhase = ''
     substituteInPlace setup.py \
-      --replace "cryptography>=2.6,<3.5" "cryptography>=2.6,<4.0"
+      --replace "cryptography>=2.6,<36.0.0" "cryptography>=2.6"
   '';
 
-  checkInputs = [ pytestCheckHook ];
+  checkInputs = [
+    pytestCheckHook
+    faker
+  ];
 
   # Most of the tests are online; hence, applicable tests are listed
   # explicitly here
   pytestFlagsArray = [
-    "tests/test_main.py"
-    "tests/test_scanner.py"
     "tests/cli_tests/test_console_output.py"
-    "tests/cli_tests/test_json_output.py"
     "tests/cli_tests/test_server_string_parser.py"
-    "tests/plugins_tests/test_scan_commands.py"
+    "tests/json_tests/test_json_output.py"
+    "tests/plugins_tests/certificate_info/test_certificate_algorithms.py"
     "tests/plugins_tests/certificate_info/test_certificate_utils.py"
+    "tests/plugins_tests/certificate_info/test_symantec.py"
+    "tests/plugins_tests/certificate_info/test_trust_store_repository.py"
+    "tests/plugins_tests/openssl_cipher_suites/test_cipher_suites.py"
+    "tests/plugins_tests/test_early_data_plugin.py"
+    "tests/plugins_tests/test_http_headers_plugin.py"
+    "tests/plugins_tests/test_robot_plugin.py"
+    "tests/plugins_tests/test_scan_commands.py"
+    "tests/plugins_tests/test_session_renegotiation_plugin.py"
+    "tests/scanner_tests/test_jobs_worker_thread.py"
+    "tests/scanner_tests/test_mass_scanner.py"
+    "tests/scanner_tests/test_models.py"
+    "tests/scanner_tests/test_scanner.py"
+    "tests/server_connectivity_tests/test_client_authentication.py"
   ];
 
   disabledTests = [
-    "test_error_client_certificate_needed"
+    # TestEllipticCurvesPluginWithOnlineServer
+    "test_supported_curves"
+    # TestRobotPluginPlugin
+    "test_robot_attack_good"
+    # TestHttpHeadersPlugin
+    "test_all_headers_disabled"
+    "test_expect_ct_enabled"
+    "test_hsts_enabled"
+    # TestSessionRenegotiationPlugin
+    "test_renegotiation_good"
+    # TestCertificateAlgorithms
+    "test_ecdsa_certificate"
+    "test_invalid_certificate_bad_name"
+    # TestEarlyDataPlugin
+    "test_early_data_enabled"
+    # TestTrustStoresRepository
+    "test_update_default"
+    # TestClientAuthentication
+    "test_optional_client_authentication"
   ];
 
+  # Some tests require OpenSSL
+  preCheck = ''
+    pushd $TMPDIR/$sourceRoot/tests/openssl_server/
+
+    rm openssl-1-1-1-linux64
+    ln -s ${openssl_1_1.bin}/bin/openssl openssl-1-1-1-linux64
+
+    rm openssl-1-0-0e-linux64
+    ln -s ${openssl_1_0_2.bin}/bin/openssl openssl-1-0-0e-linux64
+
+    popd
+  '';
+
   pythonImportsCheck = [ "sslyze" ];
 
-  propagatedBuildInputs = [ nassl cryptography typing-extensions faker ];
+  propagatedBuildInputs = [
+    cryptography
+    nassl
+    pydantic
+    tls-parser
+  ];
 
   meta = with lib; {
     homepage = "https://github.com/nabla-c0d3/sslyze";