[Libguestfs] Libguestfs based vulnerability scanner
noxdafox
noxdafox at gmail.com
Wed Aug 31 15:49:08 UTC 2016
Greetings,
I built a small proof-of-concept and I've been suggested to share it
with the community.
The tool consists of a vulnerability scanner based on Libguestfs.
The tool lists all the installed applications within a disk image and
queries a CVE database via REST interface. The data gets aggregated in
order to provide a report of the vulnerable applications within the disk
image.
Here's a concrete example:
http://pastebin.com/w6DZkwCg
A possible use case could be the vulnerability assessment and management
of Cloud instances.
The tool is part of a library I've been building to help automating
security assessment and forensics analysis of disk images.
https://github.com/noxdafox/vminspect
I did not test it much yet. Therefore, it might raise several false
positives or miss important vulnerabilities but considering it's ~ 100
lines of Python code, I'd say is a good starting point.
The tool is relying on cve-search REST APIs to retrieve the
vulnerability list.
https://github.com/adulau/cve-search
More information about the Libguestfs
mailing list