Clone this wiki locally
Welcome to Kvasir!
Kvasir is a vulnerability / penetration testing data management system designed to help mitigate the issues found when performing team-based assessments. Kvasir does this by homogenizing data sources into a pre-defined structure. Currently the following sources are supported:
- Rapid 7 NeXpose
- Metasploit / Metasploit Pro
- Tennable Nessus
- John The Ripper
If you believe you have found an issue or bug with Kvasir, feel free to open an issue ticket here on Github.
For questions and other discussions join the Google Group @ https://groups.google.com/d/forum/kvasir-dev
When things break
It's inevitable that at some point Kvasir is going to break on you. The code has become fairly complex and some features may not get as much testing as they should. When this happens first off calm down and DON'T PANIC!
Then, follow this guide on what to check and what may be required to help remedy any problems.
Scanner Support In-progress
- QualysGuard XML Report
- Nmap Scripting Engine results
- BurpSuite Pro XML Report
What About Web Applications?
Our thought is that Kvasir is to remain focused on network/host-based assessment tools and not applications. This may be addressed in a future release.
See the installation wiki for instructions.
- Operating Systems
- Nexpose Support
- Metasploit Support
- Nessus Support
- Vulnerability Database
- Exploit Linking
- Account Search List Filters
- gunicorn webserver
Valkyries are enumeration/exploitation tasks that can be kicked off from the Kvasir UI.
Kvasir is released under the 3-clause BSD license.