The ISC shares techniques for testing vulnerable Open SSL sites using NMAP, which is an excellent free PENTEST tool used in network vulnerability testing

QUOTE: We have received reports by many readers about buggy tools to test for the heartbleed vulnerability. Today I want to show you how easy it is to check for this vulnerability using a reliable tool as nmap.  You just need to trigger a version scan (-sV) along with the script (ssl-heartbleed). The following example with show a command that will scan for this bug:  nmap -sV –script=ssl-heartbleed