/CVE-Scan

Scan systems with NMap and parse the output to a list of CVE's, CWE's and DPE's

Primary LanguagePythonBSD 4-Clause "Original" or "Old" LicenseBSD-4-Clause

CVE-Scan

Scan systems with NMap and parse the output to a list of CVE's, CWE's and DPE's

Goals:

  • Scan a system with NMap or any other scanning tool and use the scan to analyse the systems for vulnerabilities
  • Have the posibility for multiple input formats (NMap scan, xml, Json, etc)
  • Use CVE-Search to enhance the scan to add more information
  • Have multiple export formats as well as webbrowser component

Optional:

  • Automatically download known scripts to use on exploits

Installation:

Warning, this tutorial is for Linux systems (developed and tested on Ubuntu 14.10). This program should run under Windows (and probably Mac) systems as well.

Requirements

CVE-Scan uses the CVE-Search API to enhance your nmap scans.
Warning CVE-Search is not included in CVE-Scan
You can use CIRCLs [public API] (http://cve.circl.lu), or install CVE-Search localy, or on another accessible machine. You can install CVE-Search from the git repo. For now, CVE-Search does not have a "core" package yet (Without the webpages), but I will add this later on. Once you installed CVE-Search, in the configuration file, make sure you set the correct URL to it.

CVE-Scan needs some aditional packages to work. Install them using:

sudo apt-get install -y nmap (or your package manager of choice)

pip3 install -r requirements.txt

Weasyprint has a set of sub-requirements. Please find the details here

Usage:

To use CVE-Scan, first run an nmap scan on a system. You can modify the parameters however you want, however, you'd want to include Service Detection and OS detection. Below, you can find a default nmap scan that will output to an xml file.

nmap -A -O 192.168.0.1 -oX output.xml

CVE-Scan is composed of 3 major functions:

  • converter.py - Converts the nmap xml to the CVE-Scan json format
  • analyzer.py - Analyses either an nmap xml or a CVE-Scan json and queries CVE-Search to obtain vulnerability information
  • visualizer.py - Visualizes the results of analyzer.py

and Nmap2CVE-Search.py, which does all of the above in 1 go.

You can either run python3 Nmap2CVE-Search.py output.xml to enhance and visualize the report, or python3 analyzer.py -x output.xml enhanced.json, to create the enhanced report, followed by python3 visualizer.py enhanced.json to visualize the report (default webserver on localhost:5050. Add -t for terminal view)

All scripts in the bin folder can be called with the -h flag, to get more information about it.

Online Demo

If you want to try our online demo, please visit our website.

Since we don't have a large budget, the website might not be available all the time.

Support us

If you like this tool, please consider donating, so we can keep our servers up and running. You can support us on Subscribestar

Licencing

This software is licensed under the "Original BSD License".

  (C) 2015  NorthernSec		https://github.com/NorthernSec
  (c) 2015  Pieter-Jan Moreels	https://github.com/pidgeyl