/heartbleeder

OpenSSL CVE-2014-0160 Heartbleed vulnerability test

Primary LanguageGoBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

Heartbleeder

Tests your servers for OpenSSL CVE-2014-0160 aka Heartbleed.

WARNING: This is very untested, and you should verify the results independently. Pull requests welcome.

Usage

$ heartbleeder example.com
INSECURE - example.com:443 has the heartbeat extension enabled and is vulnerable

Binaries are available from gobuild.io.

Build from source by running go get github.com/V-E-O/heartbleeder, which will put the code in $GOPATH/src/github.com/V-E-O/heartbleeder and a binary at $GOPATH/bin/heartbleeder.

Credits

The TLS implementation was borrowed from the Go standard library.