Open In App

MassBleed – Open Source SSL Vulnerability Scanner

Improve
Improve
Like Article
Like
Save
Share
Report

Heartbleed bug or SSL vuln is a vulnerability in the OpenSSL, a popular open-source cryptographic library that assists in the implementation of SSL and TLS protocols. Along with this CCS; Poodle, Winshock, and DROWN are also the vulnerability that can raise with SSL Protocol. Massbleed is the tool that scans the specified IP/ Host for these SSL Bugs. Massbleed tool is developed in the Shell Script and it is an automated tool. Massbleed tool is available on the GitHub Platform, it’s free and completely open-source so anyone can contribute to it. We only need to provide the IP address of the target host, then the rest of the scanning process is done by the Massbleed tool.

Installation of MassBleed Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/1N3/MassBleed.git 

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd MassBleed

Step 3: Change the file permissions of the scripts as shown below.

sudo chmod +x massbleed.sh
sudo chmod +x heartbleed.py 
sudo chmod +x openssl_ccs.pl 
sudo chmod +x winshock.sh

Step 4: Verify the installation using the following command.

sh massbleed.sh

Working with MassBleed Tool on Kali Linux OS

Example 1: Scanning the IP Address

./massbleed.sh 69.164.223.208

In this example, we will be scanning IP 69.164.223.208 which is a testing site.

Example 2: Scan the target web application for the HeartBleed vulnerabilities.

python3 heartbleed.py 34.218.62.116

In this example, we will be testing the geeksforgeeks.org site for HeartBleed Vulnerability.


Last Updated : 14 Sep, 2021
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads