Vuls - Vulnerability Scanner for Linux/FreeBSD, Agentless, Written in Go


Vulnerability scanner for Linux/FreeBSD, agentless, written in golang.
Twitter: @vuls_en




DEMO


Abstract
For a system administrator, having to perform security vulnerability analysis and software updates on a daily basis can be a burden. To avoid downtime in a production environment, it is common for a system administrator to choose not to use the automatic update option provided by the package manager and to perform updates manually. This leads to the following problems.
  • The system administrator will have to constantly watch out for any new vulnerabilities in NVD (National Vulnerability Database) or similar databases.
  • It might be impossible for the system administrator to monitor all the software if there is a large number of software packages installed on the server.
  • It is expensive to perform analysis to determine the servers affected by new vulnerabilities. The possibility of overlooking a server or two during analysis is there.
Vuls is a tool created to solve the problems listed above. It has the following characteristics.
  • Informs users of the vulnerabilities that are related to the system.
  • Informs users of the servers that are affected.
  • Vulnerability detection is done automatically to prevent any oversight.
  • Reports are generated on a regular basis using CRON or other methods, to manage vulnerabilities.

Main Features

Scan for any vulnerabilities in Linux/FreeBSD Server
Supports major Linux/FreeBSD
  • Alpine, Ubuntu, Debian, CentOS, Amazon Linux, RHEL, Oracle Linux, SUSE Enterprise Linux and Raspbian, FreeBSD
  • Cloud, on-premise, Docker

High quality scan
Vuls uses multiple vulnerability databases

Fast scan and Deep scan
Fast Scan
  • Scan without root privilege, no dependencies
  • Almost no load on the scan target server
  • Offline mode scan with no internet access. (Red Hat, CentOS, OracleLinux, Ubuntu, Debian)
Fast Root Scan
  • Scan with root privilege
  • Almost no load on the scan target server
  • Detect processes affected by an update using yum-ps (RedHat, CentOS, Oracle Linux and Amazon Linux)
  • Detect processes that were updated but not yet restarted, using checkrestart from debian-goodies (Debian and Ubuntu)
  • Offline mode scan with no internet access. (RedHat, CentOS, OracleLinux, Ubuntu, Debian)
Deep Scan
  • Scan with root privilege
  • Parses the Changelog
    The changelog has a history of version changes. When a security issue is fixed, the relevant CVE ID is listed. By parsing the changelog and analysing the updates between the installed version of software on the server and the newest version of that software, it's possible to create a list of all vulnerabilities that need to be fixed.
  • Sometimes load on the scan target server
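
The changelog-based detection described under Deep Scan, sketched in Go as an added example (not Vuls's own code). It assumes a Debian-style changelog ordered newest-first; the package `libfoo`, its CVE IDs and the helper `UnfixedCVEs` are constructed for illustration. The installed version is matched by exact string rather than by version comparison, and the function reports when that version never appears.

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"sort"
	"strings"
)

// Constructed sample: Debian-style changelog of a hypothetical package, newest entry first.
const sampleChangelog = `libfoo (1.2.3-4) unstable; urgency=high
  * Fix heap overflow in parser (CVE-2099-0002).
  * Harden decoder: CVE-2099-0003, follow-up to CVE-2099-0002.
libfoo (1.2.3-3) unstable; urgency=medium
  * Fix CVE-2099-0001.
libfoo (1.2.3-2) unstable; urgency=low
  * Fix CVE-2098-9999.
`

var headerRe = regexp.MustCompile(`^\S+ \(([^)]+)\) `) // "name (version) dist; ..."
var cveRe = regexp.MustCompile(`CVE-\d{4}-\d{4,}`)

// UnfixedCVEs collects the CVE IDs listed in entries above the installed version's entry.
// found=false means the installed version never appeared (for example a truncated
// changelog), so the returned list cannot be trusted as complete.
func UnfixedCVEs(changelog, installed string) (cves []string, found bool) {
	seen := map[string]bool{}
	sc := bufio.NewScanner(strings.NewReader(changelog))
	for sc.Scan() {
		if m := headerRe.FindStringSubmatch(sc.Text()); m != nil {
			if found = m[1] == installed; found {
				break // everything from here down is already installed
			}
			continue
		}
		for _, id := range cveRe.FindAllString(sc.Text(), -1) {
			if !seen[id] { // the same CVE is often mentioned more than once
				seen[id] = true
				cves = append(cves, id)
			}
		}
	}
	sort.Strings(cves)
	return cves, found
}

func main() {
	fmt.Println(UnfixedCVEs(sampleChangelog, "1.2.3-2"))
}
```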

Remote scan and Local scan
Remote Scan
  • User is required to only set up one machine that is connected to other target servers via SSH
Local Scan
  • If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode.

Dynamic Analysis
  • It is possible to acquire the state of the server by connecting via SSH and executing the command.
  • Vuls warns when the scan target server was updated (the kernel, etc.) but not restarted.

Scan middleware that is not included in OS package management
  • Scan middleware, programming language libraries and frameworks for vulnerabilities
  • Supports software registered in CPE

MISC
  • Nondestructive testing
  • Pre-authorization is NOT necessary before scanning on AWS
    • Vuls works well with Continuous Integration since tests can be run every day. This allows you to find vulnerabilities very quickly.
  • Auto generation of configuration file template
    • Auto detection of servers set using CIDR, generate configuration file template
  • Email and Slack notification is possible (supports Japanese language)
  • Scan results are viewable with accessory software: TUI Viewer on a terminal or Web UI (VulsRepo).

What Vuls Doesn't Do

Authors
kotakanbe (@kotakanbe) created vuls and these fine people have contributed.

Change Log
Please see CHANGELOG.