His masscan tool has heartbleed detection options too; and it's stunningly fast. I can scan my /16 in about 10 seconds ... and I reliably get the same results, which appear to be complete. Other 'fast' tools I've tried at the same speed on the same hardware are unreliable.

-jim


On Wed, Apr 16, 2014 at 8:14 AM, Juha Saarinen <juha@saarinen.org> wrote:
https://github.com/robertdavidgraham/heartleech


From the read me:

A typical "heartbleed" tool. What makes this different is:

  • autopwn most (-a) that does all the steps needed to get private key
  • post-handshake (encrypted) heartbeats instead of during handshake
  • evades Snort IDS rules
  • loops making repeated requests (-l <loopcount>)
  • dumps binary data to file (-f <filename>)
  • IPv4 or IPv6 (-v <IPver>)
  • full 64k heartbleeds


-- 
Juha Saarinen
twitter: juhasaarinen


_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog