Skip to content

alonz22/CVE-SCANNER

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CVE-SCANNER - Automated Linux CVE Scanner

Overview As a Cloud Security Engineer, I often found it challenging to manually scan Linux servers for CVEs in installed packages. Keeping track of vulnerabilities across various packages and distributions was time-consuming and error-prone. To address this issue, I created CVE-SCANNER, a simple Python tool that automates the process of scanning installed packages for CVEs on Debian and RedHat Linux systems. CVE-SCANNER fetches real-time CVE data from the National Vulnerability Database (NVD) maintained by NIST, ensuring that you have the latest information on vulnerabilities affecting your system.

Features Easy-to-Use: CVE-SCANNER is designed to be user-friendly. You can run it via the command line interface (CLI) with simple commands. Package Specific Scan: Scan for CVEs in a specific package by providing its name, e.g., CVE-SCANNER.py -s "apache". Output Formats: Generate reports in JSON or HTML format by using the --json or --html flags. Full System Scan: Perform a scan for all installed packages without specifying a specific package name, e.g., CVE-SCANNER.py --json or CVE-SCANNER.py --html. The output will show the following:

  1. The package name which the CVE was found for.
  2. The current package version installed,
  3. The CVE-ID, according to NIST's NVD.
  4. A short description related to the CVE.
  5. A severity level (from LOW to CRITICAL).

Requirements

  • Root privileges to install the desired pip packages
  • Python 3
  • Pip
  • Python libraries: BeautifulSoup and requests You can install the required Python libraries by running the following command:

pip install -r requirements.txt

Usage

Here are some examples of how to use CVE-SCANNER:

Running the tool with -h or --help will give you the following:

python3 cve-scanner-debian.py --help

usage: cve-scanner-debian.py [-h] [--html] [--json] [-s SEARCH]

Scan all installed packages for CVEs and export results in HTML or JSON format.

optional arguments:
  -h, --help            show this help message and exit
  --html                Export results in HTML format.
  --json                Export results in JSON format.
  -s SEARCH, --search SEARCH
                        Search for CVEs related to a specific package.

Scan a specific package (e.g., Apache) and generate a JSON report:

python3 CVE-SCANNER.py -s "apache" --json

Scan a specific package (e.g., Apache) and generate an HTML report:

CVE-SCANNER.py -s "apache" --html Perform a full system scan and generate a JSON report:

python3 CVE-SCANNER.py --json

Output sample for json report:

image

Perform a full system scan and generate an HTML report:

python3 CVE-SCANNER.py --html

Output example for html report:

image

Disclaimer

CVE-SCANNER is provided for educational and informational purposes only. It is not a substitute for professional security assessments and should not be used as the sole tool for making security decisions. The accuracy and completeness of CVE data can vary, and false negatives or positives may occur. Always exercise caution and perform comprehensive security assessments when evaluating the security of your systems. Use CVE-SCANNER responsibly and at your own risk.

License

This project is licensed under the MIT License - see the LICENSE file for details.