CVE-2014-0160

This Python script demonstrates CVE-2014-0160 (Heartbleed) by sending a malformed TLS heartbeat request to a server and analyzing the response to detect memory leakage. It supports multiple SSL/TLS versions and checks for vulnerability by verifying if the server returns more data than expected.

This Python script demonstrates CVE-2014-0160 (Heartbleed) by sending a malformed TLS heartbeat request to a server and analyzing the response to determine if it leaks memory contents. It includes functions for sending crafted packets and parsing responses to detect vulnerability.

This repository contains a Go-based tool for detecting the Heartbleed vulnerability (CVE-2014-0160) in TLS/SSL services. It includes functionality to test various services (HTTPS, FTP, SMTP, etc.) and checks for vulnerable OpenSSL implementations by sending malformed heartbeat requests.

This is a multi-threaded scanner for CVE-2014-0160 (Heartbleed) that checks if remote hosts are vulnerable by sending a crafted heartbeat request without exploiting the server to leak data. It supports scanning multiple hosts, logging results, and resuming scans.

This repository contains a Go-based tool to test for the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL. It includes functionality to scan single or multiple hosts, supports PostgreSQL, and provides a web dashboard for monitoring.

This repository contains a working proof-of-concept exploit for CVE-2014-0160 (Heartbleed), targeting OpenSSL clients and servers. It includes tools to test for vulnerability by sending malformed heartbeat requests to leak memory contents.

This repository contains a Python-based proof-of-concept exploit for CVE-2014-0160 (Heartbleed), which allows reading memory from vulnerable OpenSSL servers. It includes tools for testing and exploiting the vulnerability, as well as guidance for analyzing leaked data.

This repository contains a set of tools for detecting and exploiting the OpenSSL Heartbleed vulnerability (CVE-2014-0160), including a scanner, data miner, and RSA key restoration utilities. The tools are designed to test for vulnerability, dump memory contents, and recover private keys from vulnerable servers.

This is a functional Python PoC for CVE-2014-0160 (Heartbleed), demonstrating memory leakage from vulnerable OpenSSL servers by exploiting malformed TLS heartbeat requests. It connects to a target, performs the handshake, and extracts sensitive data from server memory.

This repository contains a functional proof-of-concept for CVE-2014-0160 (Heartbleed), including scripts to test and exploit vulnerable OpenSSL services. It automates detection and data extraction from vulnerable hosts.

This repository provides an Ansible playbook to patch systems vulnerable to CVE-2014-0160 (Heartbleed). It includes instructions for upgrading OpenSSL on Debian-based systems and checking for vulnerability status.

This is a Maltego transform script that tests for the OpenSSL Heartbleed vulnerability (CVE-2014-0160) by sending a malformed heartbeat request to a target server and checking for an excessive response. It is designed to integrate with Maltego for vulnerability detection.

This is a functional Python script that exploits the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL. It includes both a scanner to detect vulnerable hosts and a monitor to extract leaked memory data.

This repository provides a Docker container with a vulnerable OpenSSL version (1.0.1f) to demonstrate CVE-2014-0160 (Heartbleed). It includes instructions for verification and exploitation using Nmap and Metasploit to leak memory contents.

This repository contains a Python-based network scanner for detecting the OpenSSL Heartbleed vulnerability (CVE-2014-0160). It supports scanning individual hosts, networks, or lists of targets, and can log leaked memory from vulnerable systems.

This repository contains a Python-based proof-of-concept exploit for CVE-2014-0160 (Heartbleed), which allows an attacker to leak memory contents from vulnerable OpenSSL servers via malformed heartbeat requests. The script includes functionality for scanning, monitoring, and extracting printable data from vulnerable hosts.

This is a functional proof-of-concept tool for testing the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL. It sends a malformed heartbeat request to a server and checks if it returns more data than it should, indicating vulnerability.

This repository contains a Perl script to test for the Heartbleed vulnerability (CVE-2014-0160) in SSL/TLS services, including support for STARTTLS protocols. It also includes a Python script to scan Tor network relays for vulnerability.

This repository contains a functional proof-of-concept exploit for CVE-2014-0160 (Heartbleed), demonstrating memory leakage from vulnerable OpenSSL servers. The exploit sends malformed heartbeat requests to extract sensitive data from server memory.

This repository contains a Python-based scanner tool (A2SV) designed to detect multiple SSL/TLS vulnerabilities, including CVE-2015-0204 (FREAK Attack). It automates the scanning process for various CVEs by leveraging Python scripts and dependencies.

This repository contains a proof-of-concept exploit for CVE-2014-0160 (Heartbleed) specifically targeting DTLS. It includes code to craft malicious DTLS handshake messages to trigger the heartbeat vulnerability and leak memory contents.

This repository contains a Node.js implementation of a scanner for CVE-2014-0160 (Heartbleed), which checks if a target server is vulnerable by sending a malformed heartbeat request and analyzing the response.

This repository is a writeup and resource collection for CVE-2014-0160 (Heartbleed), describing the vulnerability and providing references to tools for scanning and patching. It does not contain exploit code but links to external tools like Metasploit and Nmap scripts.

This repository contains a Go-based server for testing the Heartbleed vulnerability (CVE-2014-0160). It provides endpoints to check if a target is vulnerable to Heartbleed and includes caching and metrics support.

This is a Python-based PoC for CVE-2014-0160 (Heartbleed), which exploits a buffer over-read vulnerability in OpenSSL's TLS heartbeat extension to leak server memory. The script performs a full TLS handshake and sends a crafted heartbeat request to detect and extract leaked data.

This repository is a workshop on modern fuzzing techniques, including a lesson on finding CVE-2014-0160 (Heartbleed). It provides theoretical and practical lessons on fuzzing C/C++ projects using tools like libFuzzer and radamsa.

This is a functional proof-of-concept exploit for CVE-2014-0160 (Heartbleed), demonstrating memory leakage from vulnerable OpenSSL servers via malformed heartbeat requests. The code includes a client that sends a crafted TLS heartbeat message to trigger the vulnerability and dumps leaked memory contents.

This repository contains a tool called Suture designed to scan AWS EC2 instances for the Heartbleed vulnerability (CVE-2014-0160) by executing remote commands via SSH. It checks the OpenSSL version and compares it against known vulnerable versions.

This repository contains a multithreaded scanner for detecting the Heartbleed vulnerability (CVE-2014-0160) in TLS/SSL servers. It reads target hosts from input files and tests them for vulnerability using the Heartbeat extension.

This is a Python script that checks for the Heartbleed vulnerability (CVE-2014-0160) in SSL/TLS implementations. It sends a malformed heartbeat request to a target server and analyzes the response to determine if the server is vulnerable.

This repository contains a Go-based scanner for detecting CVE-2014-0160 (Heartbleed) in OpenSSL by checking if the heartbeat extension is enabled and vulnerable. It scans CIDR blocks asynchronously and reports vulnerable or secure hosts.

This repository provides a README referencing an Nmap script for detecting the Heartbleed vulnerability (CVE-2014-0160). It includes links to the official Nmap script and additional resources but does not contain exploit code itself.

This repository contains a functional exploit for CVE-2014-0160 (Heartbleed), including a Dockerfile to set up a vulnerable environment and a Python script to exploit the vulnerability. The script sends malformed heartbeat requests to extract memory contents from vulnerable OpenSSL servers.

This repository contains a functional PoC for CVE-2014-0160 (Heartbleed), including an exploit script (`heartbleed.py`) that tests for the SSL heartbeat vulnerability and a Docker-based vulnerable server setup. Additional scripts simulate data spoofing to demonstrate the impact of the vulnerability.

This repository contains a demonstration of the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL, including a Python script to exploit the vulnerability and extract sensitive information such as session cookies. The setup involves Docker containers for a vulnerable server, a hacker, and a victim.

This repository provides a Docker-based environment to demonstrate the HeartBleed vulnerability (CVE-2014-0160). It includes a vulnerable OpenSSL setup and a simple web application to test the exploit.

The repository contains a truncated jQuery library file and a README, but no functional exploit code for CVE-2014-0160 (Heartbleed). The provided code is unrelated to the vulnerability.

This is a functional Ruby-based PoC for CVE-2014-0160 (Heartbleed), which exploits the OpenSSL vulnerability to leak memory contents from vulnerable servers. It sends a malformed Heartbeat request to extract ~64KB of data from the server's memory.

This Perl script scans remote hosts for SSLv3 support using OpenSSL's s_client command. It checks for SSLv3 vulnerabilities by attempting connections and reporting whether the protocol is supported or not.

This is a Firefox extension that scans websites for the Heartbleed vulnerability (CVE-2014-0160) by querying a remote server. It does not exploit the vulnerability directly but checks if a host is vulnerable.

This repository contains a shell script to mitigate CVE-2014-0160 (Heartbleed) by upgrading OpenSSL and regenerating SSL certificates. It automates the patching process for Debian/Ubuntu systems.

The repository contains only a README file describing an educational lab for studying CVE-2014-0160 (Heartbleed) without any actual exploit code or technical details.

This repository contains a functional proof-of-concept for CVE-2014-0160 (Heartbleed), including a modified OpenSSL binary and an exploit script. The exploit leverages the Heartbleed vulnerability to leak memory contents, with a modified version of the vulnerability to reliably leak the server's private key 10% of the time.

This repository provides a detailed technical analysis of CVE-2014-0160 (Heartbleed), including root cause, impact, affected versions, and mitigation steps. It does not contain exploit code but offers a comprehensive writeup on the vulnerability.

This repository provides a detailed technical analysis of CVE-2014-0160 (Heartbleed), including root cause, impact, affected versions, and mitigation steps. It does not contain exploit code but offers a comprehensive writeup on the vulnerability.

This repository provides a detailed technical analysis of CVE-2014-0160 (Heartbleed), including root cause, impact, affected versions, and mitigation steps. It does not contain exploit code but offers a comprehensive writeup on the vulnerability.

This repository provides a lab environment to demonstrate the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL, allowing memory leakage from a vulnerable nginx server. It includes a Flask app to simulate sensitive data storage and a script to trigger memory leaks via TLS heartbeat requests.

This is a functional PoC exploit for CVE-2014-0160 (Heartbleed), targeting OpenSSL 1.0.1-1.0.1f. It leverages the heartbeat extension vulnerability to leak memory contents from vulnerable servers, with additional 'CTT Temporal Resonance' enhancements for layered memory extraction.

This repository contains a Java-based exploit for CVE-2014-0160 (Heartbleed) along with supporting Bash scripts to flood memory with sensitive data. The exploit targets vulnerable OpenSSL versions (1.0.1 to 1.0.1f) to leak memory contents from Apache and Postfix services.

This repository provides a detailed technical analysis of the Heartbleed vulnerability (CVE-2014-0160), including its root cause, exploitation mechanism, and mitigation strategies. It includes screenshots and references to tools like Nmap and Metasploit for detection and exploitation.

This repository contains a detailed writeup demonstrating the exploitation of CVE-2014-0160 (Heartbleed) using Nmap and Metasploit to extract sensitive information from a vulnerable OpenSSL server. It includes steps for vulnerability detection, exploitation, and analysis of leaked memory data.

This is a Python-based proof-of-concept exploit for CVE-2014-0160 (Heartbleed), which tests for the OpenSSL TLS heartbeat extension memory disclosure vulnerability. It supports multiple SSL/TLS versions and attempts to trigger the vulnerability by sending malformed heartbeat requests.

This repository contains a Python script to check for the Heartbleed vulnerability (CVE-2014-0160) by sending a malformed TLS heartbeat request and analyzing the response. It does not exploit the vulnerability but detects its presence.

This repository contains a Python-based PoC for CVE-2014-0160 (Heartbleed), which exploits a memory disclosure vulnerability in OpenSSL's TLS heartbeat extension. The script supports multiple TLS versions and STARTTLS protocols, allowing attackers to leak sensitive memory contents from vulnerable servers.

This repository contains a Chrome plugin PoC for CVE-2014-0160 (Heartbleed), likely demonstrating the vulnerability in a browser context. The provided JavaScript file includes jQuery and appears to be part of a plugin, but the actual exploit logic is truncated.

This is a functional Python script that exploits the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL by sending malformed heartbeat requests to extract memory contents from vulnerable servers. It supports both direct SSL/TLS connections and STARTTLS (SMTP).

This repository provides a Dockerized environment with Nginx and a vulnerable OpenSSL version (1.0.1f) to test CVE-2014-0160 (Heartbleed). It includes instructions for exploiting the vulnerability to leak memory contents, including HTTP Basic Authentication credentials.

This repository contains a functional Python-based PoC for CVE-2014-0160 (Heartbleed), which exploits a memory disclosure vulnerability in OpenSSL's Heartbeat extension. The exploit sends malformed Heartbeat requests to leak server memory contents, potentially exposing sensitive data like private keys or credentials.

This repository is a README file referencing CVE-2014-0160 (Heartbleed) and provides links to related Docker containers and tools for managing vulnerable environments. It does not contain exploit code but serves as documentation for testing setups.

This is a functional Python exploit for CVE-2014-0160 (Heartbleed), which extracts memory contents from vulnerable OpenSSL servers via malformed TLS heartbeat requests. It includes features like STARTTLS support, multiple iterations, and RSA private key extraction.

This repository contains a functional proof-of-concept exploit for CVE-2014-0160 (Heartbleed), which targets the OpenSSL TLS heartbeat extension vulnerability to leak memory contents from vulnerable servers. It includes a Python script for exploitation and a bash wrapper for automation.

This repository contains a Python-based proof-of-concept exploit for CVE-2014-0160 (Heartbleed), which allows an attacker to leak memory contents from vulnerable OpenSSL servers. The tool includes features to detect leaked cookies, passwords, and custom keys, and supports both console and file output.

This repository contains a Python script to test for the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL. The script sends a malformed heartbeat request to detect if the server leaks memory contents.

This is a Python-based proof-of-concept exploit for the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL. It crafts malicious Heartbeat requests to leak memory contents from vulnerable servers.

This repository contains a functional proof-of-concept exploit for the Heartbleed vulnerability (CVE-2014-0160). It includes a Python script to test for the vulnerability by sending malformed heartbeat requests to an SSL/TLS server and a bash script to automate the process.

This repository contains detection tools for CVE-2014-0160 (Heartbleed), including scripts to check if a server is vulnerable by sending malformed heartbeat requests. The tools support various protocols (IMAP, SMTP, HTTP, etc.) and can extract data from vulnerable servers.

This repository contains a checker tool for CVE-2014-0160 (Heartbleed), designed to detect vulnerable OpenSSL implementations. The provided code is primarily frontend JavaScript and does not include the actual exploit logic.

This is an Nmap NSE script designed to detect and exploit the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL. It supports multiple protocols (FTP, SMTP, XMPP) and TLS versions, and can dump leaked memory to a file.

This is an Nmap NSE script designed to detect and exploit the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL. It supports multiple protocols (FTP, SMTP, XMPP) and TLS versions, and can dump leaked memory for analysis.

This repository contains a functional proof-of-concept for CVE-2014-0160 (Heartbleed), including scripts to test vulnerable servers for memory leakage. The primary script `heartbleed-test.py` sends malformed heartbeat requests to exploit the vulnerability and dump memory contents.

This repository contains a shell script that automates the testing of subdomains for the Heartbleed vulnerability (CVE-2014-0160) using the 'knock' subdomain scanner and 'check-ssl-heartbleed' tool. It iterates through subdomains of a given domain and checks for vulnerability by sending malformed heartbeat requests.

This is a PHP-based scanner for CVE-2014-0160 (Heartbleed) that queries a third-party service to check if domains are vulnerable. It does not exploit the vulnerability but relies on an external API for detection.

This repository contains a functional PoC for CVE-2014-0160 (Heartbleed), specifically targeting 1Password databases to test for vulnerable HTTPS hosts. It includes a script to extract HTTPS hosts from a 1Password database and another to test each host for the Heartbleed vulnerability.

This is a Chrome extension that checks if a website is vulnerable to the Heartbleed OpenSSL bug (CVE-2014-0160) by querying an external service. It displays a warning if the site is vulnerable and caches results to avoid repeated checks.

This repository contains a functional Python-based exploit for CVE-2014-0160 (Heartbleed), targeting vulnerable OpenSSL clients. It includes a server to test client vulnerability and a script to exploit servers, demonstrating memory leakage via malformed Heartbeat requests.

This repository contains the RouterSploit framework, an exploitation toolkit for embedded devices, including modules for exploits, credential testing, scanners, and payloads. It is designed to test and exploit vulnerabilities in routers and other embedded systems.

This is a functional exploit for CVE-2014-0160 (Heartbleed), which leverages a missing bounds check in OpenSSL's heartbeat extension to leak up to 65,535 bytes of remote heap memory per request. The exploit supports both TLS and DTLS, decrypts the leaked data, and writes it to a file for analysis.

This is a functional exploit for CVE-2014-0160 (Heartbleed), which leverages a missing bounds check in OpenSSL's heartbeat extension to leak up to 65,535 bytes of remote heap memory per request. The exploit establishes an SSL/TLS connection, sends a malformed heartbeat request, and decrypts the leaked data.

This Metasploit module exploits the OpenSSL Heartbleed vulnerability (CVE-2014-0160) to leak memory contents from vulnerable servers. It supports scanning, memory dumping, and private key recovery via crafted heartbeat requests.

This Metasploit module exploits the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL by acting as a fake SSL server to leak memory from connecting clients. It captures heartbeat responses to extract sensitive data such as private keys or session tokens.