Death by Heartbleed

Posted: 2014/04/09 in Uncategorized

With all the news of the Heartbleed SSL flaw in the media this week IT staff have been working to lock things down on servers & services.

Here are 3 Simple ways to Identify if a domain is vulnerable to a Heartbleed

Method 1
From any host running Chrome Web Browser search for and install the following extension


Now browse to the Domain name in question to validate the status.
If the domain is vulnerable you will see a message similar to the following

Method 2
Use a web based service such as the one found here:

Method 3
For scanning multiple sites at once we have created the following script.

Usage :

‘./ domain-list.txt’

Output Examples :

'TLS server extension heartbeat' 

The above output should be further investigated to verify the vulnerability.

More Info:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s