Forensics Tools InfoSec Pentesting Tools Vulnerability Analysis

Heartbleed Scanner – Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

Heartbleed Scanner – Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)
-t parameter to optimize the timeout in seconds.
-f parameter to log the memleak of vulnerable systems.
-n parameter to scan entire network.
-i parameter to scan from a list file. Useful if you already have targets.
-r parameter to randomize the IP addresses to avoid linear scanning.
-s parameter to exploit services that requires plaintext command to start SSL/TLS (HTTPS/SMTP/POP3/IMAP)
Sample usage
To scan your local network for heartbleed vulnerability (https/443) and save the leaks into a file:

python -n -f localscan.txt -r

To scan the same network against SMTP Over SSL/TLS and randomize the IP addresses

python -n -p 25 -s SMTP -r

If you already have a target list which you created by using nmap/zmap

python -i targetlist.txt


Before using Heartbleed Vulnerability Scanner, you should install python-netaddr package.
CentOS or CentOS-like systems :

yum install python-netaddr

Ubuntu or Debian-like systems :

apt-get insall python-netaddr

Download Heartbleed Vulnerability Scanner

Post Comment