Forensics Tools InfoSec Pentesting Tools Vulnerability Analysis

Heartbleed Scanner – Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

Heartbleed Scanner – Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

-t parameter to optimize the timeout in seconds.
-f parameter to log the memleak of vulnerable systems.
-n parameter to scan entire network.
-i parameter to scan from a list file. Useful if you already have targets.
-r parameter to randomize the IP addresses to avoid linear scanning.
-s parameter to exploit services that requires plaintext command to start SSL/TLS (HTTPS/SMTP/POP3/IMAP)

Sample usage

To scan your local 192.168.1.0/24 network for heartbleed vulnerability (https/443) and save the leaks into a file:

To scan the same network against SMTP Over SSL/TLS and randomize the IP addresses

If you already have a target list which you created by using nmap/zmap


Dependencies

Before using Heartbleed Vulnerability Scanner, you should install python-netaddr package.

CentOS or CentOS-like systems :

Ubuntu or Debian-like systems :

Download Heartbleed Vulnerability Scanner

I started blogging around 2011 at #Ubuntupirates, #ProjectX and #pir8geek, I’m currently working as Network/Linux SysAdmin.

I’m a Linux,opensource advocate and interested in network security and InfoSec.

Leave a Reply