His masscan tool has heartbleed detection options too; and it's stunningly fast. I can scan my /16 in about 10 seconds ... and I reliably get the same results, which appear to be complete. Other 'fast' tools I've tried at the same speed on the same hardware are unreliable.


On Wed, Apr 16, 2014 at 8:14 AM, Juha Saarinen <juha@saarinen.org> wrote:

From the read me:

A typical "heartbleed" tool. What makes this different is:

  • autopwn mode (-a) that does all the steps needed to get private key
  • post-handshake (encrypted) heartbeats instead of during handshake
  • evades Snort IDS rules
  • loops making repeated requests (-l <loopcount>)
  • dumps binary data to file (-f <filename>)
  • IPv4 or IPv6 (-v <IPver>)
  • full 64k heartbleeds

Juha Saarinen
twitter: juhasaarinen

NZNOG mailing list