/VISE

A search engine on information delivered by OSINT sources to support Vulnerability Assessment

Primary LanguagePythonMIT LicenseMIT

VISE (Vulnerability Information Search Engine)

All Contributors

VISE is a search engine on information delivered by OSINT sources (e.g. NVD, Exploit DB) to support Vulnerability Assessment.

The information can be exctracted by:

 1) manually filling a form:

 2) uploading a searching card:

As a result, in both cases can be obtained three dashboards hosted on Kibana, describing respectivelly:

  • a summary on found vulnerabilities:

  • a more deep description about ones:

  • the available exploits for them:

Moreover, it is possible to export those kinds of data as a unified CSV so that they can be easily managed and reviewed.

VISE can be also used from the CLI running the following commands:

cd VISE/VISE_app/
sudo ./main.py static/assets/SearchingCards/SearchingCard.xlsx 

Prerequisites

  1. Linux distribution (Ubuntu preferred)
  2. python3-pip, python3-venv
cd VISE/scripts/
sudo ./installOthers.sh
  1. flask
cd ../VISE_app/
source venv/bin/activate
sudo ../scripts/installFlask.sh
  1. exploitdb
sudo ../scripts/installExploitDB.sh
searchsploit -u
sudo cve_searchsploit -u
  1. docker
sudo ../scripts/installDockerUbuntu.sh

(the script also start Kibana and Elasticsearch containers with docker-compose)
(kibana starts at http://localhost:5601)
(the username is "elastic", the password is "changeme")

Una tantum configurations

  1. upload indices in elasticsearch
sudo ../scripts/uploadIndices.sh

Execute

  1. start VISE
cd VISE/VISE_app/
sudo ../scripts/startVISE.sh

Contributors


Antonio Forte


Salvatore Scotto di Perta


fabiom95


glkhan


Giuseppe Siani

License

This project is under the MIT license

Cite

If you use this tool in your academic work you can cite it using:

@misc{vise,
  author       = {Antonio Forte},
  howpublished = {GitHub},
  month        = apr,
  title        = {{VISE (Vulnerability Information Search Engine)}},
  year         = {2020},
  url          = {https://github.com/antonioforte1995/VISE},
}