Heartbleed Vulnerability

This dataset is composed of five scan collections: https-full, https-samples, https-alexa, smtp-alexa, and smtp-samples, and PCAPs of the attacks we observed at an Amazon EC2 honeypot. The scan files contain parsed TLS handshakes as well as heartbeat support and heartbleed vulnerability status. All files are in JSON format; an example record can be seen in sample.json. Our scan methodology is described in detail in the study listed above. The banner grab tool we used for all experiments is available at https://github.com/zmap/zgrab. Full HTTPS scans cover the public IPv4 address space excluding networks that have requested removal from University of Michigan network studies. Samples are composed of 1% scans of the public IPv4 address space (addresses selected using ZMap's randomization algorithm). ; hearbleed-team@umuch.edu