Freevulnsearch - Costless As Well As Opened Upwards Nmap Nse Script To Question Vulnerabilities Via The Cve-Search.Org Api
This NMAP NSE script is component division of the Free OCSAF projection - https://freecybersecurity.org. In conjunction alongside the version scan "-sV" inwards NMAP, the corresponding vulnerabilities are automatically assigned using CVE (Common Vulnerabilities as well as Exposures) as well as the severity of the vulnerability is assigned using CVSS (Common Vulnerability Scoring System). For to a greater extent than clarity, the CVSS are however assigned to the corresponding v3.0 CVSS ratings:
- Critical (CVSS 9.0 - 10.0)
- High (CVSS 7.0 - 8.9)
- Medium (CVSS 4.0 - 6.9)
- Low (CVSS 0.1 - 3.9)
- None (CVSS 0.0)
Confidentiality information:
The queries are made using the determined CPE via the circl.lu API. For farther information on the confidentiality of the circl.lu API, delight catch https://www.circl.lu/services/cve-search/ directly.
The best means is to install cve-search (https://github.com/cve-search/cve-search) locally as well as utilization your ain API with
nmap -sV --script freevulnsearch --script-args apipath=
Installation:
You tin flame either specify the script path straight inwards the NMAP command, for example
nmap -sV --script /freevulnsearch
or re-create the script into the appropriate directory of your NMAP installation.In KALI LINUXâ„¢ for example: /usr/share/nmap/scripts/ sudo nmap --script-ubdatedb
Important note: First read the confidentiality information. It is recommended to run freevulnsearch.nse separately without additional NSE scripts. If y'all produce non desire to brand an assignment to the category safe, vuln as well as external, as well as then produce non execute the nmap --script-updatedb ascendency mentioned above.Usage:
The usage is simple, only utilization NMAP -sV as well as this script.
nmap -sV --script freevulnsearch
According to my tests, for stability reasons, alone http without TLS should hold out used when querying the API for many simultaneous requests. For this reason, y'all tin flame optionally disable TLS using an input argument. Important, afterward that the API enquiry to circl.lu is unencrypted.nmap -sV --script freevulnsearch --script-args notls=yes
If y'all scan alongside the categories rubber or vuln as well as then exclude the script or the category external or produce non add together the script to the NMAP default directory. It is recommended to run freevulnsearch.nse separately without additional NSE scripts.CPE exception treatment for format:
If a NMAP CPE is non clear, several functions inwards the freevulnsearch.nse script check whether the formatting of the CPE is inaccurate. For example:
- (MySQL) 5.0.51a-3ubuntu5 -to- 5.0.51a
- (Exim smtpd) 4.90_1 -to- 4.90
- (OpenSSH) 6.6.1p1 -to- 6.6:p1
- (OpenSSH) 7.5p1 -to- 7.5:p1
- ...