The only slightly suspicious thing that he did was that he immediately fuzzed only the first packet and no others. Although, being the first packet, it's a logical place to start. So I think the Heartbleed bug would indeed have been reasonably easy to find with this technology.
Actually, also the fact that he selected this particular packet exchange. This is a bit more suspicious, since there are thousands of other possible packet sequences. But again, the initial TLS handshake would be one of the first ones to check, I think.
