Unlock the full power and feature of our OpenSSL Heartbleed vulnerability scanner! Compare pricing plans and discover more tools and features.
Here is a OpenSSL Heartbleed vulnerability scanner sample report:
This tool attempts to identify servers vulnerable to the OpenSSL Heartbleed vulnerability (CVE-2014-0160). When such a server is discovered, the tool also provides a memory dump from the affected server.
|Target host(s)||This can be an IP address or a hostname. When a single IP/hostname is being scanned, the tool will try to read a piece of server memory in order to prove the vulnerability.|
|Target service||This is the service that will be scanned for Heartbleed vulnerability. The protocols that are supported right now are: HTTPS (default), SMTP, IMAP, POP3 and FTP.|
|Target port||This is the port associated with the target service and it can be changed as non-default port. Default: 443/HTTPS.|
|Do reverse DNS||When checked, the tool will return the hostname of that IP configured in DNS. This option slows down the scan and is disabled by default.|
Client -> Server: Client Hello
Server -> Client: Server Hello
Server -> Client: Certificate, Server Key Exchange, Server Hello Done
Client -> Server: Heartbeat Request ('payload length'=64k, small actual payload data)
Server -> Client: Heartbeat Response (containing server memory in payload data)