vuls-docker-compose's Introduction

Inspired by https://github.com/FuCrowRabbit/VulsInDockerCompose

Vuls in Docker-Compose

See main docs: https://vuls.io/docs/en/tutorial-docker.html

Step1. Fetch NVD

for i in `seq 2002 $(date +"%Y")`; do \
docker-compose run --rm go-cve-dictionary fetchnvd -years $i; \
done

To fetch JVN(Japanese), See README

Step2. Fetch OVAL (e.g. Ubuntu 20)

goval-dictionary

docker-compose run --rm goval-dictionary fetch ubuntu 20

To fetch other OVAL, See README

Step3. Fetch gost (e.g. Ubuntu)

gost

docker-compose run --rm gost fetch ubuntu

To fetch Debian security tracker, See Gost README

Step3.5. Fetch go-exploitdb

go-exploitdb

docker-compose run go-exploitdb fetch exploitdb

To fetch deep go-exploitdb, See this

Step3.6. Fetch go-msfdb

go-msfdb

docker-compose run --rm go-msfdb fetch msfdb

Step4. Write Configuration

Create config.toml referring to this.

[cveDict]
type = "sqlite3"
SQLite3Path = "/vuls/cve.sqlite3"

[ovalDict]
type = "sqlite3"
SQLite3Path = "/vuls/oval.sqlite3"

[gost]
type = "sqlite3"
SQLite3Path = "/vuls/gost.sqlite3"

[exploit]
type = "sqlite3"
SQLite3Path = "/vuls/go-exploitdb.sqlite3"

[metasploit]
type = "sqlite3"
SQLite3Path = "/vuls/go-msfdb.sqlite3"

[servers]

[servers.example]
host            = "example_host"
user            = "example_user"
# if ssh config file exists in .ssh, path to ssh config file in docker
sshConfigPath   = "/root/.ssh/config"
# path to ssh private key in docker
keyPath         = "/root/.ssh/id_rsa.key"

Configtest

docker-compose run --rm vuls configtest -config=./config.toml

Usage: configtest

Scan

docker-compose run --rm -e "TZ=Asia/Tokyo" vuls scan -config=./config.toml

Usage: Scan

Report

docker-compose run --rm vuls report -config=./config.toml -format-list

Usage: Report

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.

Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

TensorFlow

An Open Source Machine Learning Framework for Everyone

Django

The Web framework for perfectionists with deadlines.

Laravel

A PHP framework for web artisans

D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

web

Some thing interesting about web. New door for the world.

server

A server is a program made to process requests and deliver data to clients.

Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

Visualization

Some thing interesting about visualization, use data art

Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.

Microsoft

Open source projects and samples from Microsoft.

Google

Google ❤️ Open Source for everyone.

Alibaba

Alibaba Open Source for everyone

D3

Data-Driven Documents codes.

Tencent

China tencent open source team.

bossjones / vuls-docker-compose Goto Github PK