Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
https://github.com/future-architect/vuls
administrator cybersecurity freebsd go golang linux security security-audit security-automation security-hardening security-scanner security-tools security-vulnerability vulnerabilities vulnerability-assessment vulnerability-detection vulnerability-management vulnerability-scanner vulnerability-scanners vuls
Last synced: 3 days ago
JSON representation
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
- Host: GitHub
- URL: https://github.com/future-architect/vuls
- Owner: future-architect
- License: gpl-3.0
- Created: 2016-03-27T02:29:09.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2024-10-28T03:47:02.000Z (about 2 months ago)
- Last Synced: 2024-10-29T14:04:31.715Z (about 1 month ago)
- Topics: administrator, cybersecurity, freebsd, go, golang, linux, security, security-audit, security-automation, security-hardening, security-scanner, security-tools, security-vulnerability, vulnerabilities, vulnerability-assessment, vulnerability-detection, vulnerability-management, vulnerability-scanner, vulnerability-scanners, vuls
- Language: Go
- Homepage: https://vuls.io/
- Size: 28.4 MB
- Stars: 10,964
- Watchers: 326
- Forks: 1,161
- Open Issues: 78
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Security: SECURITY.md
Awesome Lists containing this project
- awesome-go - future-architect/vuls - less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices|9,969| (Popular)
- awesome - vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices (Go)
- security-study-tutorial - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go
- awesome-repositories - future-architect/vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices (Go)
- awesome-software-supply-chain-security - future-architect/vuls: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
- cybersecurity-golang-security - vulns - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go (Network Scanners)
- awesome-golang-repositories - vuls - less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices (Repositories)
- awesome-go-security - vulns - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go (Network Scanners)
- Awesome-BSD-Ports-Programs-And-Projects -  | Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices | (Apps / Security)
README
# Vuls: VULnerability Scanner
[](http://goo.gl/forms/xm5KFo35tu)
[](https://github.com/future-architect/vuls/blob/master/LICENSE)
[](https://goreportcard.com/report/github.com/future-architect/vuls)
[](https://github.com/future-architect/vuls/graphs/contributors)
Vulnerability scanner for Linux/FreeBSD, agent-less, written in Go.
We have a slack team. [Join slack team](https://join.slack.com/t/vuls-github/shared_invite/zt-1fculjwj4-6nex2JNE7DpOSiKZ1ztDFw)
Twitter: [@vuls_en](https://twitter.com/vuls_en)
[](https://asciinema.org/a/3y9zrf950agiko7klg8abvyck)
----
## Abstract
For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden.
To avoid downtime in a production environment, it is common for a system administrator to choose not to use the automatic update option provided by the package manager and to perform update manually.
This leads to the following problems.
- The system administrator will have to constantly watch out for any new vulnerabilities in NVD (National Vulnerability Database) or similar databases.
- It might be impossible for the system administrator to monitor all the software if there are a large number of software packages installed in the server.
- It is expensive to perform analysis to determine the servers affected by new vulnerabilities. The possibility of overlooking a server or two during analysis is there.
Vuls is a tool created to solve the problems listed above. It has the following characteristics.
- Informs users of the vulnerabilities that are related to the system.
- Informs users of the servers that are affected.
- Vulnerability detection is done automatically to prevent any oversight.
- A report is generated on a regular basis using CRON or other methods. to manage vulnerability.
----
## Main Features
### Scan for any vulnerabilities in Linux/FreeBSD/Windows/macOS
[Supports major Linux/FreeBSD/Windows/macOS](https://vuls.io/docs/en/supported-os.html)
- Alpine, Amazon Linux, CentOS, AlmaLinux, Rocky Linux, Debian, Oracle Linux, Raspbian, RHEL, openSUSE, openSUSE Leap, SUSE Enterprise Linux, Fedora, and Ubuntu
- FreeBSD
- Windows
- macOS
- Cloud, on-premise, Running Docker Container
### High-quality scan
- Vulnerability Database
- [NVD](https://nvd.nist.gov/)
- [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)
- OVAL
- [Red Hat](https://www.redhat.com/security/data/oval/)
- [Debian](https://www.debian.org/security/oval/)
- [Ubuntu](https://security-metadata.canonical.com/oval/)
- [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
- [Oracle Linux](https://linux.oracle.com/security/oval/)
- Security Advisory
- [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
- [Red Hat Security Advisories](https://access.redhat.com/security/security-updates/)
- [Debian Security Bug Tracker](https://security-tracker.debian.org/tracker/)
- [Ubuntu CVE Tracker](https://people.canonical.com/~ubuntu-security/cve/)
- [Microsoft CVRF](https://api.msrc.microsoft.com/cvrf/v2.0/swagger/index)
- Commands(yum, zypper, pkg-audit)
- RHSA / ALAS / ELSA / FreeBSD-SA
- Changelog
- PoC, Exploit
- [Exploit Database](https://www.exploit-db.com/)
- [Metasploit-Framework modules](https://www.rapid7.com/db/?q=&type=metasploit)
- [qazbnm456/awesome-cve-poc](https://github.com/qazbnm456/awesome-cve-poc)
- [nomi-sec/PoC-in-GitHub](https://github.com/nomi-sec/PoC-in-GitHub)
- [gmatuz/inthewilddb](https://github.com/gmatuz/inthewilddb)
- CERT
- [US-CERT](https://www.us-cert.gov/ncas/alerts)
- [JPCERT](http://www.jpcert.or.jp/at/2019.html)
- KEV
- CISA(Cybersecurity & Infrastructure Security Agency): [Known Exploited Vulnerabilities Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog)
- VulnCheck: [VulnCheck KEV](https://vulncheck.com/kev)
- Cyber Threat Intelligence(MITRE ATT&CK and CAPEC)
- [mitre/cti](https://github.com/mitre/cti)
- Libraries
- [aquasecurity/vuln-list](https://github.com/aquasecurity/vuln-list)
- WordPress
- [wpscan](https://wpscan.com/api)
### Scan mode
[Fast Scan](https://vuls.io/docs/en/architecture-fast-scan.html)
- Scan without root privilege, no dependencies
- Almost no load on the scan target server
- Offline mode scan with no internet access. (CentOS, Alma Linux, Rocky Linux, Debian, Oracle Linux, Red Hat, Fedora, and Ubuntu)
[Fast Root Scan](https://vuls.io/docs/en/architecture-fast-root-scan.html)
- Scan with root privilege
- Almost no load on the scan target server
- Detect processes affected by update using yum-ps (Amazon Linux, CentOS, Alma Linux, Rocky Linux, Oracle Linux, Fedora, and RedHat)
- Detect processes which updated before but not restarting yet using checkrestart of debian-goodies (Debian and Ubuntu)
- Offline mode scan with no internet access. (CentOS, Alma Linux, Rocky Linux, Debian, Oracle Linux, Red Hat, Fedora, and Ubuntu)
### [Remote, Local scan mode, Server mode](https://vuls.io/docs/en/architecture-remote-local.html)
[Remote scan mode](https://vuls.io/docs/en/architecture-remote-scan.html)
- User is required to only set up one machine that is connected to other target servers via SSH
[Local scan mode](https://vuls.io/docs/en/architecture-local-scan.html)
- If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode.
[Server mode](https://vuls.io/docs/en/usage-server.html)
- First, start Vuls in server mode and listen as an HTTP server.
- Next, issue a command on the scan target server to collect software information. Then send the result to Vuls Server via HTTP. You receive the scan results as JSON format.
- No SSH needed, No Scanner needed. Only issuing Linux commands directory on the scan target server.
### **Dynamic** Analysis
- It is possible to acquire the state of the server by connecting via SSH and executing the command.
- Vuls warns when the scan target server was updated the kernel etc. but not restarting it.
### Scan vulnerabilities of non-OS-packages
- Libraries of programming language
- Self-compiled software
- Network Devices
Vuls has some options to detect the vulnerabilities
- [Lockfile based Scan](https://vuls.io/docs/en/usage-scan-non-os-packages.html#library-vulns-scan)
- [GitHub Integration](https://vuls.io/docs/en/usage-scan-non-os-packages.html#usage-integrate-with-github-security-alerts)
- [Common Platform Enumeration (CPE) based Scan](https://vuls.io/docs/en/usage-scan-non-os-packages.html#cpe-scan)
- [OWASP Dependency Check Integration](https://vuls.io/docs/en/usage-scan-non-os-packages.html#usage-integrate-with-owasp-dependency-check-to-automatic-update-when-the-libraries-are-updated-experimental)
## Scan WordPress core, themes, plugins
- [Scan WordPress](https://vuls.io/docs/en/usage-scan-wordpress.html)
## MISC
- Nondestructive testing
- Pre-authorization is *NOT* necessary before scanning on AWS
- Vuls works well with Continuous Integration since tests can be run every day. This allows you to find vulnerabilities very quickly.
- Auto-generation of configuration file template
- Auto-detection of servers set using CIDR, generate configuration file template
- Email and Slack notification is possible (supports Japanese language)
- Scan result is viewable on accessory software, TUI Viewer in a terminal or Web UI ([VulsRepo](https://github.com/ishiDACo/vulsrepo)).
----
## What Vuls Doesn't Do
- Vuls doesn't update the vulnerable packages.
----
## Document
For more information such as Installation, Tutorial, Usage, visit [vuls.io](https://vuls.io/)
[日本語翻訳ドキュメント](https://vuls.io/ja/)
----
## Authors
kotakanbe ([@kotakanbe](https://twitter.com/kotakanbe)) created vuls and [these fine people](https://github.com/future-architect/vuls/graphs/contributors) have contributed.
## Contribute
see [vulsdoc](https://vuls.io/docs/en/how-to-contribute.html)
----
## Sponsors
| | |
| ------------- | ------------- |
| 
| Tines is no-code automation for security teams. Build powerful, reliable workflows without a development team. |
| 
| SAKURA internet Inc. is an Internet company founded in 1996. We provide cloud computing services such as "Sakura's Shared Server", "Sakura's VPS", and "Sakura's Cloud" to meet the needs of a wide range of customers, from individuals and corporations to the education and public sectors, using its own data centers in Japan. Based on the philosophy of "changing what you want to do into what you can do," we offer DX solutions for all fields. |
----
## License
Please see [LICENSE](https://github.com/future-architect/vuls/blob/master/LICENSE).