Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/northernsec/cve-scan

Scan systems with NMap and parse the output to a list of CVE's, CWE's and DPE's
https://github.com/northernsec/cve-scan

Last synced: 2 months ago
JSON representation

Scan systems with NMap and parse the output to a list of CVE's, CWE's and DPE's

Awesome Lists containing this project

README 

        
# CVE-Scan

Scan systems with NMap and parse the output to a list of CVE's, CWE's and DPE's



## Goals:

 * Scan a system with NMap or any other scanning tool and use the scan to analyse the systems for vulnerabilities

 * Have the posibility for multiple input formats (NMap scan, xml, Json, etc)

 * Use CVE-Search to enhance the scan to add more information

 * Have multiple export formats as well as webbrowser component

 

### Optional:

* Automatically download known scripts to use on exploits



## Installation:

Warning, this tutorial is for Linux systems (developed and tested on Ubuntu 14.10).

This program should run under Windows (and probably Mac) systems as well.



### Requirements

CVE-Scan uses the CVE-Search API to enhance your nmap scans. 


**Warning** CVE-Search is not included in CVE-Scan 


You can use [CIRCL](http://circl.lu)s [public API]

 (http://cve.circl.lu), or install CVE-Search localy, or on another accessible machine.

You can install [CVE-Search](https://github.com/PidgeyL/cve-search) from the git repo.

For now, CVE-Search does not have a "core" package yet (Without the webpages), but I will add this later on.

Once you installed CVE-Search, in the configuration file, make sure you set the correct URL to it.



CVE-Scan needs some aditional packages to work. Install them using:



```sudo apt-get install -y nmap``` (or your package manager of choice)



```pip3 install -r requirements.txt```



Weasyprint has a set of sub-requirements. Please find the details [here](http://weasyprint.readthedocs.org/en/latest/install.html)



## Usage:

To use CVE-Scan, first run an nmap scan on a system. You can modify the

 parameters however you want, however, you'd want to include Service Detection

 and OS detection. Below, you can find a default nmap scan that will output to

 an xml file.



```nmap -A -O 192.168.0.1 -oX output.xml```



CVE-Scan is composed of 3 major functions:

 * **converter.py**  - Converts the nmap xml to the CVE-Scan json format

 * **analyzer.py**   - Analyses either an nmap xml or a CVE-Scan json and

 queries CVE-Search to obtain vulnerability information

 * **visualizer.py** - Visualizes the results of analyzer.py



and **Nmap2CVE-Search.py**, which does all of the above in 1 go.



You can either run ```python3 Nmap2CVE-Search.py output.xml``` to

 enhance and visualize the report, or

 ```python3 analyzer.py -x output.xml enhanced.json```, to create the

 enhanced report, followed by ```python3 visualizer.py enhanced.json```

 to visualize the report (default webserver on localhost:5050.

 Add -t for terminal view)

 

 All scripts in the `bin` folder can be called with the -h flag, to get more information about it.



## Online Demo

If you want to try our [online demo](http://northernsec.eu/cve-scan),

 please visit our [website](http://northernsec.eu).



Since we don't have a large budget, the website might not be available all the time.



## Support us

If you like this tool, please consider donating, so we can keep our servers up and running.

You can support us on [Subscribestar](https://www.subscribestar.com/pidgey)



## Licencing

This software is licensed under the "Original BSD License".

```

  (C) 2015  NorthernSec		https://github.com/NorthernSec

  (c) 2015  Pieter-Jan Moreels	https://github.com/pidgeyl

```