

Reverse Heartbleed: Test for vulnerable clients - bradleybuda
https://reverseheartbleed.com/

======
bradleybuda
For what it's worth, we're not retaining any of the data that this tool finds,
nor are we able to track this back to the vulnerable services (we're not
logging clients' IP address or user agents).

If you can't find a vulnerable site, this one-line works for me as a test case
(using a version or Ruby with an old OpenSSL):

require 'faraday'; Faraday.new.get
'[https://reverseheartbleed.com/exploit_me/your_url'](https://reverseheartbleed.com/exploit_me/your_url')

