04.01.2018       Выпуск 211 (01.01.2018 - 07.01.2018)       Интересные проекты, инструменты, библиотеки

VulnWhisperer - представляем в удобном виде информацию об уязвимостях

Читать>>



Экспериментальная функция:

Ниже вы видите текст статьи по ссылке. По нему можно быстро понять ссылка достойна прочтения или нет

Просим обратить внимание, что текст по ссылке и здесь может не совпадать.

README.md

Create actionable data from your vulnerability scans

VulnWhisperer is a vulnerability data and report aggregator. VulnWhisperer will pull all the reports and create a file with a unique filename which is then fed into logstash. Logstash extracts data from the filename and tags all of the information inside the report (see logstash_vulnwhisp.conf file). Data is then shipped to elasticsearch to be indexed.

Build Status MIT License

Currently Supports

Vulnerability Frameworks

Getting Started

  1. Follow the install requirements
  2. Fill out the section you want to process in example.ini file
  3. Modify the IP settings in the logstash files to accomodate your environment and import them to your logstash conf directory (default is /etc/logstash/conf.d/)
  4. Import the kibana visualizations
  5. Run Vulnwhisperer

Requirements

  • ElasticStack 5.x
  • Python 2.7
  • Vulnerability Scanner
  • Optional: Message broker such as Kafka or RabbitMQ
Install dependant modules
cd deps/qualysapi
python setup.py install

Using requirements file:
sudo pip install -r /path/to/VulnWhisperer/requirements.txt

cd /path/to/VulnWhisperer
sudo python setup.py install

Configuration

There are a few configuration steps to setting up VulnWhisperer:

  • Configure Ini file
  • Setup Logstash File
  • Import ElasticSearch Templates
  • Import Kibana Dashboards

example.ini file

To run, fill out the configuration file with your vulnerability scanner settings. Then you can execute from the command line.

vuln_whisperer -c configs/example.ini -s nessus
or
vuln_whisperer -c configs/example.ini -s qualys

Next you'll need to import the visualizations into Kibana and setup your logstash config. A more thorough README is underway with setup instructions.

Running Nightly

If you're running linux, be sure to setup a cronjob to remove old files that get stored in the database. Be sure to change .csv if you're using json.

Setup crontab -e with the following config (modify to your environment) - this will run vulnwhisperer each night at 0130:

00 1 * * * /usr/bin/find /opt/vulnwhisp/ -type f -name '*.csv' -ctime +3 -exec rm {} \;

30 1 * * * /usr/local/bin/vuln_whisperer -c /opt/vulnwhisp/configs/example.ini

For windows, you may need to type the full path of the binary in vulnWhisperer located in the bin directory.

Credit

Big thank you to Justin Henderson for his contributions to vulnWhisperer!

AS SEEN ON TV



Лучшая Python рассылка

Нас поддерживает


Python Software Foundation



Разместим вашу рекламу

Пиши: mail@pythondigest.ru

Нашли опечатку?

Выделите фрагмент и отправьте нажатием Ctrl+Enter.

Система Orphus