His masscan tool has heartbleed detection options too; and it's stunningly fast. I can scan my /16 in about 10 seconds ... and I reliably get the same results, which appear to be complete. Other 'fast' tools I've tried at the same speed on the same hardware are unreliable.

-jim


On Wed, Apr 16, 2014 at 8:14 AM, Juha Saarinen <juha@saarinen.org> wrote:
https://github.com/robertdavidgraham/heartleech


From the read me:

A typical "heartbleed" tool. What makes this different is:

  • autopwn most (-a) that does all the steps needed to get private key
  • post-handshake (encrypted) heartbeats instead of during handshake
  • evades Snort IDS rules
  • loops making repeated requests (-l <loopcount>)
  • dumps binary data to file (-f <filename>)
  • IPv4 or IPv6 (-v <IPver>)
  • full 64k heartbleeds


-- 
Juha Saarinen
twitter: juhasaarinen


_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog