Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/sjvermeu/cvechecker

Command-line utility to scan the system and report on potential vulnerabilities, based on public CVE data
https://github.com/sjvermeu/cvechecker

Last synced: about 1 month ago
JSON representation

Command-line utility to scan the system and report on potential vulnerabilities, based on public CVE data

Awesome Lists containing this project

README 

        
# cvechecker



The goal of cvechecker is to report about possible vulnerabilities on your

system, by scanning a list of installed software and matching results with

the CVE database. This is not a bullet-proof method and you will have many

false positives (ie: vulnerability is fixed with a revision-release, but

the tool isn't able to detect the revision itself), yet it is still better

than nothing, especially if you are running a distribution with little

security coverage.



## Quickstart



1. Initalize the SQLite3 Database

    ```sh

    # cvechecker -i

    ```



2. Load CVE and version matching rules

    ```sh

    # pullcves pull

    ```



3. Generate List of Files to scan

    ```sh

    $ find / -type f -perm -o+x > scanlist.txt

    $ echo /proc/version >> scanlist.txt

    ```



4. Gather List of Installed Software/Versions

    ```sh

    $ cvechecker -b scanlist.txt

    ```



5. Output Matching CVE Entries

    ```sh

    $ cvechecker -r

    ```



More detailed installation information available via the [installation docs](../../wiki/Installation).

[The homepage for this project](../../wiki).