Scan systems with NMap and parse the output to a list of CVE's, CWE's and DPE's
- Scan a system with NMap or any other scanning tool and use the scan to analyse the systems for vulnerabilities
- Have the posibility for multiple input formats (NMap scan, xml, Json, etc)
- Use CVE-Search to enhance the scan to add more information
- Have multiple export formats as well as webbrowser component
- Automatically download known scripts to use on exploits
Warning, this tutorial is for Linux systems (developed and tested on Ubuntu 14.10). This program should run under Windows (and probably Mac) systems as well.
CVE-Scan uses the CVE-Search API to enhance your nmap scans.
Warning CVE-Search is not included in CVE-Scan
You can use CIRCLs [public API] (http://cve.circl.lu), or install CVE-Search localy, or on another accessible machine. You can install CVE-Search from the git repo. For now, CVE-Search does not have a "core" package yet (Without the webpages), but I will add this later on. Once you installed CVE-Search, in the configuration file, make sure you set the correct URL to it.
CVE-Scan needs some aditional packages to work. Install them using:
sudo apt-get install -y nmap (or your package manager of choice)
pip3 install -r requirements.txt
Weasyprint has a set of sub-requirements. Please find the details here
To use CVE-Scan, first run an nmap scan on a system. You can modify the parameters however you want, however, you'd want to include Service Detection and OS detection. Below, you can find a default nmap scan that will output to an xml file.
nmap -A -O 192.168.0.1 -oX output.xml
CVE-Scan is composed of 3 major functions:
- converter.py - Converts the nmap xml to the CVE-Scan json format
- analyzer.py - Analyses either an nmap xml or a CVE-Scan json and queries CVE-Search to obtain vulnerability information
- visualizer.py - Visualizes the results of analyzer.py
and Nmap2CVE-Search.py, which does all of the above in 1 go.
You can either run
python3 Nmap2CVE-Search.py output.xml to
enhance and visualize the report, or
python3 analyzer.py -x output.xml enhanced.json, to create the
enhanced report, followed by
python3 visualizer.py enhanced.json
to visualize the report (default webserver on localhost:5050.
Add -t for terminal view)
All scripts in the
bin folder can be called with the -h flag, to get more information about it.
Since we don't have a large budget, the website might not be available all the time.
If you like this tool, please consider donating, so we can keep our servers up and running. You can support us on Subscribestar
This software is licensed under the "Original BSD License".
(C) 2015 NorthernSec https://github.com/NorthernSec (c) 2015 Pieter-Jan Moreels https://github.com/pidgeyl