Skip to content
Related Articles

Related Articles

Save Article
Improve Article
Save Article
Like Article

MassBleed – Open Source SSL Vulnerability Scanner

  • Difficulty Level : Hard
  • Last Updated : 14 Sep, 2021

Heartbleed bug or SSL vuln is a vulnerability in the OpenSSL, a popular open-source cryptographic library that assists in the implementation of SSL and TLS protocols. Along with this CCS; Poodle, Winshock, and DROWN are also the vulnerability that can raise with SSL Protocol. Massbleed is the tool that scans the specified IP/ Host for these SSL Bugs. Massbleed tool is developed in the Shell Script and it is an automated tool. Massbleed tool is available on the GitHub Platform, it’s free and completely open-source so anyone can contribute to it. We only need to provide the IP address of the target host, then the rest of the scanning process is done by the Massbleed tool.

Installation of MassBleed Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/1N3/MassBleed.git 

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd MassBleed



Step 3: Change the file permissions of the scripts as shown below.

sudo chmod +x massbleed.sh
sudo chmod +x heartbleed.py 
sudo chmod +x openssl_ccs.pl 
sudo chmod +x winshock.sh

Step 4: Verify the installation using the following command.

sh massbleed.sh

Working with MassBleed Tool on Kali Linux OS

Example 1: Scanning the IP Address

./massbleed.sh 69.164.223.208

In this example, we will be scanning IP 69.164.223.208 which is a testing site.

Example 2: Scan the target web application for the HeartBleed vulnerabilities.

python3 heartbleed.py 34.218.62.116

In this example, we will be testing the geeksforgeeks.org site for HeartBleed Vulnerability.

My Personal Notes arrow_drop_up
Recommended Articles
Page :