Vuls – Vulnerability Scanner For Linux/FreeBSD, Agentless, Written In Go

0
9
Vuls - Vulnerability Scanner For Linux/FreeBSD, Agentless, Written In Go

Vulnerability scanner for Linux/FreeBSD, agentless, written in golang.
Twitter: @vuls_en

DEMO

Abstract
For a system administrator, having to carry out safety vulnerability analysis and software update every day generally is a burden. To keep away from downtime in manufacturing setting, it’s common for system administrator to decide on to not use the automated replace choice supplied by bundle supervisor and to carry out replace manually. This results in the next issues.

  • System administrator must always be careful for any new vulnerabilities in NVD(National Vulnerability Database) or related databases.
  • It may be inconceivable for the system administrator to watch all of the software program if there are numerous software program put in in server.
  • It is dear to carry out evaluation to find out the servers affected by new vulnerabilities. The chance of overlooking a server or two throughout evaluation is there.

Vuls is a instrument created to resolve the issues listed above. It has the next traits.

  • Informs customers of the vulnerabilities which can be associated to the system.
  • Informs customers of the servers which can be affected.
  • Vulnerability detection is completed robotically to forestall any oversight.
  • Report is generated on common foundation utilizing CRON or different strategies. to handle vulnerability.

Main Features

Scan for any vulnerabilities in Linux/FreeBSD Server
Supports major Linux/FreeBSD

  • Alpine, Ubuntu, Debian, CentOS, Amazon Linux, RHEL, Oracle Linux, SUSE Enterprise Linux and Raspbian, FreeBSD
  • Cloud, on-premise, Docker

High high quality scan
Vuls makes use of Multiple vulnerability databases

Fast scan and Deep scan
Fast Scan

  • Scan with out root privilege, no dependencies
  • Almost no load on the scan goal server
  • Offline mode scan with no web entry. (Red Hat, CentOS, OracleLinux, Ubuntu, Debian)

Fast Root Scan

  • Scan with root privilege
  • Almost no load on the scan goal server
  • Detect processes affected by replace utilizing yum-ps (RedHat, CentOS, Oracle Linux and Amazon Linux)
  • Detect processes which up to date earlier than however not restarting but utilizing checkrestart of debian-goodies (Debian and Ubuntu)
  • Offline mode scan with no web entry. (RedHat, CentOS, OracleLinux, Ubuntu, Debian)

Deep Scan

  • Scan with root privilege
  • Parses the Changelog
    Changelog has a historical past of model adjustments. When a safety difficulty is fastened, the related CVE ID is listed. By parsing the changelog and analysing the updates between the put in model of software program on the server and the most recent model of that software program it is potential to create a listing of all vulnerabilities that have to be fastened.
  • Sometimes load on the scan goal server

Remote scan and Local scan
Remote Scan

  • User is required to solely setup one machine that’s related to different goal servers through SSH

Local Scan

  • If you don’t need the central Vuls server to hook up with every server by SSH, you need to use Vuls within the Local Scan mode.

Dynamic Analysis

  • It is feasible to accumulate the state of the server by connecting through SSH and executing the command.
  • Vuls warns when the scan goal server was up to date the kernel and so forth. however not restarting it.

Scan middleware that are not included in OS package management

  • Scan middleware, programming language libraries and framework for vulnerability
  • Support software program registered in CPE

MISC

  • Nondestructive testing
  • Pre-authorization is NOT vital earlier than scanning on AWS
    • Vuls works properly with Continuous Integration since checks may be run every single day. This lets you discover vulnerabilities in a short time.
  • Auto era of configuration file template
    • Auto detection of servers set utilizing CIDR, generate configuration file template
  • Email and Slack notification is feasible (helps Japanese language)
  • Scan result’s viewable on accent software program, TUI Viewer on terminal or Web UI (VulsRepo).

What Vuls Doesn’t Do

Authors
kotakanbe (@kotakanbe) created vuls and these fine people have contributed.

Change Log
Please see CHANGELOG.

MoreTip.com MoreTip.com

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.