search_vulns: Search for known vulnerabilities in software
search_vulns can be used to search for known vulnerabilities in software. To achieve this, the tool utilizes a locally built vulnerability database, currently containing:
- CVE information from the National Vulnerability Database (NVD)
- Enhanced NVD information from VulnCheck NVD++
- Exploit information from the Exploit-DB (EDB)
- Exploit information from PoC-in-GitHub
- Vulnerability information from the GitHub Security Advisory Database
- Software currency information from endoflife.date
Since search_vulns is designed in a modular fashion, new data sources and extensions can be integrated easily.
Using the search_vulns tool, this local information can be queried, either by providing software titles like ‘Apache 2.4.39’ or by providing a CPE 2.3 string like cpe:2.3:a:sudo_project:sudo:1.8.2:*:*:*:*:*:*:*. You can also search for vulnerabilities like CVE-2023-1234 or GHSA-xx68-jfcg-xmmf directly by using a comma-separated list of IDs.
search_vulns can either be used as a CLI tool or via a web server. It is recommended to use the CLI tool for automated workflows that might be resource-constrained. Otherwise, using the web server is recommended, because it offers more features and flexibility. This includes the ability to achieve more complete results. Also, the presentation of results is clearer and results can be exported for further use.
search_vulns’ search engine is designed in a modular manner. Therefore, new databases can be integrated easily. For example, modules can help in finding product IDs, vulnerabilities, extra information about vulnerabilities and extra information about the queried product. Examples of the latter two are CVSS scores or software recency information. Furthermore, modules can classify identified vulnerabilities as patched if they store and utilize special information related to the query, for example.
Have a look at the template module to get started writing your own modules: modules/template/search_vulns_template.py.
Install & Use
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
