Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vulcan-exposed-db check consolidation using Nuclei #486

Open
wants to merge 12 commits into
base: master
Choose a base branch
from

Conversation

danfaizer
Copy link
Contributor

@danfaizer danfaizer commented Oct 18, 2023

The goal of this PR is deprecate vulcan-exposed-db check in favour of vulcan-nuclei check by providing custom Nuclei templates.
In fact, vulcan-tenable check already report most of the database service exposures but it requires a 3rd party to run and we've decided to provide an open source replacement for the vulcan-exposed-db check instead.

Check changes:

  • Update check base docker image.
  • Add impact attribute to the Nuclei result struct and assign the value to the ImpactDetail Vulcan report.
  • Fix a typo when logging excluded template list.
  • Add custom Nuclei template validation and test "detect" tag templates.

Templates added:

  • Exposed MySQL
  • Exposed PostgreSQL
  • Exposed MS SQL Server
  • Exposed Redis
  • Exposed Elasticsearch
  • Exposed MongoDB
  • Exposed Cassandra
  • Exposed OracleDB

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant