His masscan tool has heartbleed detection options too; and it's stunningly
fast. I can scan my /16 in about 10 seconds ... and I reliably get the same
results, which appear to be complete. Other 'fast' tools I've tried at the
same speed on the same hardware are unreliable.
-jim
On Wed, Apr 16, 2014 at 8:14 AM, Juha Saarinen
https://github.com/robertdavidgraham/heartleech
From the read me:
A typical "heartbleed" tool. What makes this different is:
- autopwn most (-a) that does all the steps needed to get private key - post-handshake (encrypted) heartbeats instead of during handshake - evades Snort IDS rules - loops making repeated requests (-l <loopcount>) - dumps binary data to file (-f <filename>) - IPv4 or IPv6 (-v <IPver>) - full 64k heartbleeds
-- Juha Saarinen twitter: juhasaarinen http://twitter.com/juhasaarinen
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog