Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
31 lines (26 sloc) 1.78 KB

This tool allows you to scan multiple hosts for Heartbleed, in an efficient multi-threaded manner.

This tests for OpenSSL versions vulnerable to Heartbleed without exploiting the server, so the heartbeat request does not cause the server to leak any data from memory or expose any data in an unauthorized manner. This Mozilla blog post outlines the method used.

Usage: ssltest.py  [network2] [network3] ...

Test for SSL heartbleed vulnerability (CVE-2014-0160) on multiple domains

Options:
  -h, --help            show this help message and exit
  -p PORT, --port=PORT  Port to scan on all hosts or networks, default 443
  -i INPUT_FILE, --input=INPUT_FILE
                        Optional input file of networks or ip addresses, one
                        address per line
  -o LOG_FILE, --logfile=LOG_FILE
                        Optional logfile destination
  --resume              Do not rescan hosts that are already in the logfile
  -t TIMEOUT, --timeout=TIMEOUT
                        How long to wait for remote host to respond before
                        timing out
  --threads=THREADS     If specific, run X concurrent threads
  --json=JSON_FILE      Save data as json into this file
  --only-vulnerable     Only scan hosts that have been scanned before and were
                        vulnerable
  --only-unscanned      Only scan hosts that appear in the json file but have
                        not been scanned
  --summary             Useful with --json. Don't scan, just print old results
  --verbose             Print verbose information to screen
  --max=MAX             Exit program after scanning X hosts. Useful with
                        --only-unscanned