Jump to content

Free EternalBlue Vulnerability Scanner Released


Recommended Posts

Eternal Blues

Eternal Blues is a free EternalBlue vulnerability scanner. It helps finding the blind spots in your network, these endpoints that are still vulnerable to EternalBlue.

Just hit the SCAN button and you will immediately start to get which of your computers are vulnerable and which aren’t. That’s it.




If you wish, you can switch networks, or edit your own (yeah, you can also scan the world wide web if you wish). Please use it for good cause only. We have enough bad guys already…


Was this tool tested in real networks?

Oh yeah. Obviously I cannot say which, but with almost every network I connected to, there were a few vulnerable computers.

 IMPORTANT: It does *not* exploit the vulnerability, but just checks whether it is exploitable.


Yet another vulnerability scanner?

There are many vulnerability scanners out there. So… why did I create another? Mainly for the ease of use. The majority of latest WannaCry, NoPetya (Petya, GoldenEye or whatever) victims, are not technical organizations and sometimes just small business who don’t have a security team, or even just an IT team to help them mitigate this. Running NMap, Metasploit (not to mention more commercial products) is something they will never do. I aimed to create a simple ‘one-button’ tool that tells you one thing and one thing only – which systems are vulnerable in your network.



This is a free tool provided for your benefit & security. I don’t charge for it. There are mainly two things I’m after -

  • Helping out
  • Knowing if it really helped. That’s why anonymous usage statistics will be sent to me (done through Google Analytics, so anonymity is guaranteed) – only # of computers scanned and # of vulnerable ones found will be reported. Nothing else about your host, IPs, or anything else. I’ll be sharing world wide usage statistics if this tool becomes popular



  • If you’re about to run it in your working environment, please update the IT/Security team in advance. You don’t want to cause (IDS/IPS/AV) false alarms
  • If vulnerable systems were found – please take a Windows update asap

  • For god sake, please disable SMBv1 already. Whether your systems are patched or not. This protocol was written over 3 decades ago…!
  • If you would like to enjoy the tool but disallow sending anonymous statistics (which is so uncool), disable access to my website


Final words

I really hope this can help people and organizations protecting against the next attack.

This is a no-guarantees-use-at-your-own-risk tool.

Special thank to Jonathan Smith for his contribution!

Please share your feedback -

  • Comment
  • Email: EternalBlues!omerez.com (replace ‘!’ with ‘@’)
  • LinkedIn: Elad Erez

Peace out.



There were two people reporting potential false positive on W2K3. Hopefully getting to it in the next few days. I didn’t imagine there will be so many downloads in 24 hours. Please keep reporting if you experience any issues, so we can make this tool even better.


Article source

Link to comment
Share on other sites

  • Replies 7
  • Views 1.1k
  • Created
  • Last Reply

I fear of getting hacked for cheking whether Hackfroof or not ......  


Anybody pls share your experience....  :lol:


But I can trust on @Batu69

Link to comment
Share on other sites

15 minutes ago, PafoH said:

But I can trust on @Batu69


You can always trust @Batu69
Downloaded and executed
No vulnerability here

Link to comment
Share on other sites

Now If there is any vulnerability then how to solve that although I had run the tool and there is no vulnerability and I have most recent update installed ......

Link to comment
Share on other sites

Can you trust batusixtynine nope he appears good hes actually a very dangerous person and should not be trusted at all please spread the word hahahaha.  Im kidding yes you can trust batusixtynine download this and use it and if you find that your computer is vulnerable check windows updates depending on your operating system and for god sakes disable SMBone protocol and if you dont know how google it its three decades old.  Also block ports onethirtyseven TCP and UDP onethirtyeight UDP onethirtynine TCP and fourfortyfive TCP (ports onethirtyseven TCP and UDP and onethirtyeight UDP thanks to straycatninteen for teaching some of us and reminding some of us (he reminded me)).

Link to comment
Share on other sites

Instead of a NO or YES in the Vulnerable column I get "No Response" from top to bottom? What does that signify?  

Link to comment
Share on other sites

  • Administrator

While trying this, I had forgotten that I had only two devices on my network, was wondering if all the other IPs were vulnerable. :P


Jokes apart. Seems a good software. Some sites are covering it. As for the security of it, lets just say we cannot say what any software does until we look at the code, we just have to trust it. Having said, I'm sure all the security experts can and will have a look into it.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...