Vulnerability detection using VulnDB integration with Nmap


Home > Blogs > Vulnerability detection using VulnDB integration with Nmap

 
 

Vulnerability management

is the process of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities. It is crucial to computer security and network security. Vulnerability scanning is a security technique used to identify security weaknesses in a computer system which can be used by individuals or network administrators for security purposes.

Vulnerabilities can be discovered with a vulnerability scanner, which analyzes a computer system in search of known vulnerabilities, such as open ports, insecure software configurations, and susceptibility to malware infections. They may also be identified by consulting public sources, such as NVD, or subscribing to a commercial vulnerability service like VulnDB.

RiskBasedSecurity wanted to integrate their vulnerability database i.e. VulnDB with the Nmap scan similar to the open source FlanScan by Cloudflare.

 

Reference: Opensource Flan Scan by Cloudflare

VulnDB is the most comprehensive and timely vulnerability intelligence available and provides actionable information about the latest in security vulnerabilities via an easy-to-use SaaS Portal, or a RESTful API that allows easy integration into GRC tools and ticketing systems. VulnDB allows organizations to search and be alerted on the latest vulnerabilities, both in end-user software and the 3rd Party Libraries or dependencies.

Nmap and VulnDB integration aims at integrating the vulnerabilities from VulnDB (Database maintained by Risk Based Security) within Nmap scan.

With this integration, you can easily find open ports on your network, identify services and their version, and get a list of relevant CVEs fetched from VulnDB affecting your network. This integration can be considered an abstraction over Nmap which turns Nmap into a full-fledged network vulnerability scanner. It consists of VulnDB NSE script (written in Lua language) which is the core component that fetches relevant vulnerabilities from VulnDB.

 
 
 
 

Author
DIPIKA MANSUKHANI

Dipika Mansukhani is working as a Senior Technical Lead at Crest Data. She has 14+ years of experience in the areas of Big Data technologies like Hadoop; NoSQL databases like MongoDB, HBASE; Analytics solutions like ELK; Java, Python, Web Services, etc. Before joining Crest, Dipika worked as a Solutions Lead for Big Data solutions in her previous company and also as a Team Lead for project delivery. She holds a Masters Degree in Computer Applications from GLS University.

 
Previous
Previous

Introduction: DevOps & Site Reliability Engineering

Next
Next

How to get your data from various services to MS Teams Channel