vulnerability_scanner

Work in progress...

What it does:

Searches for vulnerabilities (CVEs) by estimated CPEs for the installed packages and stores everything inside a SQLite database. Currently only dpkg-based operating systems are supported.

Todo list:

  • Support for other package management systems (apt, rpm, zypper, gem)
  • Improvement of usability and design (script usage and output)
  • Web application for graphical reports, lists and management of vulnerabilities
  • Improvement of identifying CPEs and their CVEs
  • Secure API interface to get assets and vulnerabilities (JSON, XML, CSV)
  • Connect more sources with vulnerability information
  • Maybe support for Windows and macOS (wmic, PowerShell, Homebrew)

Installation:

apt install python2.7
apt install python-pip
git clone https://github.com/tinoloni/vulnerability_scanner.git
cd vulnerability_scanner
pip install -r requirements.txt

Usage:

The script is split into three parts:

  1. software_cpes (-s option)
  2. nvd_update (-n option)
  3. vuln_scan (-v option)

By default, when none of these options is given, all three parts are executed.

After scanning, you can start a web app (http://localhost:5000) that shows a list of the vulnerabilities found with:

python run.py

Tested with:

  • Ubuntu 16.04 LTS
  • Debian 9.0

Database Structure:

Table            Attributes
cves             cveid (PK), cvss, access_vector, access_complexity, authentication, confidentiality_impact, integrity_impact, availability_impact, description, published, modified, link
cpes             id (PK), string, os, vendor, product, version, update_date, edition, language
cpe_cve          id (PK), cpe (FK), cveid (FK)
download_dates   link (PK), last_download
software         id (PK), string, package, vendor, product, version, cpe_found, maybe_wrong_vendor
scanresult       id (PK), software_id (FK), cve_id (FK)
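
Example triage query over the scan results (an added example, not code from this project): it joins scanresult to software and cves using the column names listed above and returns high-CVSS findings with confident CPE matches first. The column types, the sample rows, the placeholder CVE ids and the reading of maybe_wrong_vendor as a 0/1 "vendor guess may be wrong" flag are assumptions.

```python
import sqlite3

# Column names come from the Database Structure table on this page;
# column types and all sample rows are assumptions made for this example.
SCHEMA = """
CREATE TABLE cves (cveid TEXT PRIMARY KEY, cvss REAL, access_vector TEXT, description TEXT);
CREATE TABLE software (id INTEGER PRIMARY KEY, package TEXT, vendor TEXT, product TEXT,
                       version TEXT, cpe_found INTEGER, maybe_wrong_vendor INTEGER);
CREATE TABLE scanresult (id INTEGER PRIMARY KEY,
                         software_id INTEGER REFERENCES software(id),
                         cve_id TEXT REFERENCES cves(cveid));
"""

TRIAGE_QUERY = """
SELECT s.package, s.version, c.cveid, c.cvss, c.access_vector, s.maybe_wrong_vendor
FROM scanresult r
JOIN software s ON s.id = r.software_id
JOIN cves c ON c.cveid = r.cve_id
WHERE c.cvss >= ?
ORDER BY s.maybe_wrong_vendor ASC, c.cvss DESC, s.package ASC
"""

def build_sample_db():
    """In-memory database with constructed rows (placeholder CVE ids, not real ones)."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO cves VALUES (?, ?, ?, ?)", [
        ("CVE-0000-0001", 9.3, "NETWORK", "constructed sample"),
        ("CVE-0000-0002", 4.6, "LOCAL", "constructed sample"),
        ("CVE-0000-0003", 7.5, "NETWORK", "constructed sample"),
    ])
    db.executemany("INSERT INTO software VALUES (?, ?, ?, ?, ?, ?, ?)", [
        (1, "examplelib1", "examplevendor", "examplelib", "1.0.2", 1, 0),
        (2, "exampletool", "othervendor", "exampletool", "2.4", 1, 1),
    ])
    db.executemany("INSERT INTO scanresult (software_id, cve_id) VALUES (?, ?)", [
        (1, "CVE-0000-0001"), (1, "CVE-0000-0002"), (2, "CVE-0000-0003"),
    ])
    return db

def triage(db, min_cvss=7.0):
    """Findings at or above min_cvss; confident CPE matches first, then by CVSS."""
    return db.execute(TRIAGE_QUERY, (min_cvss,)).fetchall()

if __name__ == "__main__":
    for row in triage(build_sample_db()):
        print(row)
```

Rows with maybe_wrong_vendor set sort last so that findings resting on an uncertain CPE estimate are reviewed as possible false positives rather than mixed in with confident matches.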