Scan systems with NMap and parse the output to a list of CVE's, CWE's and DPE's
- Scan a system with NMap or any other scanning tool and use the scan to analyse the systems for vulnerabilities
- Have the posibility for multiple input formats (NMap scan, xml, Json, etc)
- Use CVE-Search to enhance the scan to add more information
- Have multiple export formats as well as webbrowser component
- Automatically download known scripts to use on exploits
Warning, this tutorial is for Linux systems (developed and tested on Ubuntu 14.10). This program should run under Windows (and probably Mac) systems as well.
CVE-Scan uses the CVE-Search API to enhance your nmap scans. You can use CIRCLs [public API] (cve.circle.lu), or install CVE-Search localy, or on another accessible machine. You can install CVE-Search from the git repo. For now, CVE-Search does not have a "core" package yet (Without the webpages), but I will add this later on. Once you installed CVE-Search, in the configuration file, make sure you set the correct URL to it.
CVE-Scan needs some aditional packages to work. Install them using:
sudo apt-get install -y nmap (or your package manager of choice)
pip3 install -r requirements.txt
To use CVE-Scan, first run an nmap scan on a system. You can modify the parameters however you want, however, you'd want to include Service Detection and OS detection. Below, you can find a default nmap scan that will output to an xml file.
nmap -A -O 192.168.0.1 -oX output.xml
Next, run:
Python3 Nmap2CVE-Search.py -xN output.xml
This will start a webserver (default on localhost, port 5050), so browse to http://localhost:5050.
To stop the webserver, just press the ctrl+C combination in the terminal.
This software is licensed under the "Original BSD License".
(C) 2015 NorthernSec https://github.com/NorthernSec
(c) 2015 Pieter-Jan Moreels https://github.com/pidgeyl