NAME

       heartbleeder - Test servers for OpenSSL CVE-2014-0160, aka Heartbleed

SYNOPSIS

       heartbleeder [options] host[:443]

DESCRIPTION

       heartbleeder  is a tool that tests remotely (over a network) if a system is compromised by
       an insecure OpenSSL service, in accordance with CVE-2014-0160, aka Heartbleed.

       More about Heartbleed Bug can be viewed at http://heartbleed.com.

OPTIONS

       -hostfile=""
              Path to a newline separated file with hosts or IPs.

       -listen="localhost:5000"
              Address to serve HTTP dashboard from.

       -pg=false
              Check PostgreSQL TLS. This option is incompatible with -hostfile.

       -refresh=10m0s
              Seconds to wait before rechecking secure hosts.

       -retry=10s
              Seconds to wait before retesting a host after an unfavorable response.

       -timeout=5s
              Timeout after sending heartbeat.

       -workers=40
              Number of workers to scan hosts with, only used with hostfile flag.

NOTES

       Multiple hosts may be monitored by  setting  '-hostfile'  flag  to  a  file  with  newline
       separated  addresses.  A  web  dashboard  will  be available at 'http://localhost:5000' by
       default.

       Postgres uses OpenSSL in a slightly different way. To test whether a  Postgres  server  is
       vulnerable, run the following (defaults to port 5432). Example:

       $ heartbleeder -pg example.com.br

WARNING

       No  guarantees  are  made  about  the  accuracy  of  results,  and  you should verify them
       independently by checking your OpenSSL build.

AUTHOR

       heartbleeder  was  written  by  Jonathan  Rudenberg   <jonathan@titanous.com>.   The   TLS
       implementation was borrowed from the Go standard library.  This manual page was written by
       Joao Eriberto Mota Filho <eriberto@eriberto.pro.br> for the Debian  project  (but  may  be
       used by others). The heartbleeder help page was the source.