His masscan tool has heartbleed detection options too; and it's stunningly fast. I can scan my /16 in about 10 seconds ... and I reliably get the same results, which appear to be complete. Other 'fast' tools I've tried at the same speed on the same hardware are unreliable. -jim On Wed, Apr 16, 2014 at 8:14 AM, Juha Saarinen <juha(a)saarinen.org> wrote:
https://github.com/robertdavidgraham/heartleech
From the read me:
A typical "heartbleed" tool. What makes this different is:
- autopwn most (-a) that does all the steps needed to get private key - post-handshake (encrypted) heartbeats instead of during handshake - evades Snort IDS rules - loops making repeated requests (-l <loopcount>) - dumps binary data to file (-f <filename>) - IPv4 or IPv6 (-v <IPver>) - full 64k heartbleeds
-- Juha Saarinen twitter: juhasaarinen <http://twitter.com/juhasaarinen>
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog