
SECURITY SCANNING AND VULNERABILITY MANAGEMENT TOOL
INDEX
• Title
• Introduction
• The Need for Security Scanning And Vulnerability Management Tool
• Core Features
• The Scan Engine
• Databases and Collections
• Scan in Action
• Results and Alerts
SECURITY SCANNING AND VULNERABILITY MANAGEMENT TOOL: A HOLISTIC SECURITY TOOLSET
• "Enhancing Security for Product Teams, Red Teams, and Bug Bounty Hunters"
INTRODUCTION

• It is an integration of open source security tools that aims to provide a holistic security view of a given domain/IP.
Watchdog is built so that it can be used by product security teams, red teams and bug bounty hunters to get a 360° view
of any Internet property it scans. Given a list of domains/IPs, it can perform a network scan, feed the
output to open source web app scanners like Google's Skipfish and Wapiti, perform tech stack analysis, and determine whether
the stack has any known CVEs.
THE NEED FOR SECURITY SCANNING AND VULNERABILITY MANAGEMENT TOOL
• It is designed for the use case of knowing all open services, and their
corresponding technologies, on the Internet-exposed endpoints you own. As a
company grows, its footprint on the World Wide Web grows, leaving its product security team
with the herculean task of maintaining an inventory of all the services and technologies exposed.
This becomes even more crucial in the event of a zero-day outbreak for a particular protocol or a
third-party product that might affect the company's public endpoints.

• It can scan all endpoints, perform technology version analysis on the services it
detects, and map this information to its rich CVE database, which is maintained and updated locally.
CORE FEATURES

• List of core features

• 1. Network scan using Nmap

• 2. Web app scanning with Skipfish and Wapiti

• 3. Tech stack analysis

• 4. CVE database integration


THE SCAN ENGINE

• Description of the tools used in the scan engine


• 1. Nmap
• 2. Skipfish
• 3. Wapiti
• 4. BuiltWith
• 5. Phantalyzer
• 6. Wappalyzer
• The Scan Engine
• It utilizes a powerful scan engine that combines multiple tools to provide comprehensive security
assessments:
• 1. Nmap: Nmap is a versatile network scanning tool that helps identify open ports, services, and
potential vulnerabilities.
• 2. Skipfish: Skipfish is a web application security scanner that crawls and analyzes web applications,
identifying security flaws and vulnerabilities.
• 3. Wapiti: Wapiti is another web application scanner that detects vulnerabilities by injecting payloads
and analyzing the responses.
• 4. BuiltWith: BuiltWith is a technology profiling tool that provides insights into the technologies used by
a website, helping identify potential vulnerabilities associated with specific technologies.
• 5. Phantalyzer: Phantalyzer is a tool that performs tech-stack fingerprinting, identifying the
technologies and versions used by a website or application.
• 6. Wappalyzer: Wappalyzer is a browser extension that detects the technologies used by a website,
providing valuable information for security assessments.
EXPLANATION OF OUR TOOL'S LOCALLY MAINTAINED CVE DATABASE AND OTHER COLLECTIONS
• 1. cves
• 2. cpe
• 3. cwe
• 4. capec
• 5. ranking
• 6. d2sec
• 7. MITRE Reference Key/Maps
• 8. ms
• 9. exploitdb
• 10. info
• 11. via4 VIA4CVE cross-references
• Databases and Collections
• It maintains a locally managed database and various collections to enhance its security assessments:
• 1. cves: Our tool's CVE database contains information about known vulnerabilities, enabling accurate vulnerability identification and
assessment.
• 2. cpe: The Common Platform Enumeration (CPE) database provides standardized identifiers for platforms, helping identify
vulnerabilities associated with specific technologies.
• 3. cwe: The Common Weakness Enumeration (CWE) database categorizes common software weaknesses, aiding in vulnerability
identification and mitigation.
• 4. capec: The Common Attack Pattern Enumeration and Classification (CAPEC) database provides a comprehensive list of attack
patterns, assisting in identifying potential attack vectors.
• 5. ranking: Our tool's ranking database prioritizes vulnerabilities based on their severity and potential impact, helping organizations focus
on critical issues.
• 6. d2sec: The d2sec database contains exploit codes and security advisories, enabling Watchdog to identify potential exploits and
vulnerabilities.
• 7. MITRE Reference Key/Maps: Our tool integrates with MITRE's reference key and maps, providing additional context and
information about vulnerabilities.
• 8. ms: The ms database contains information about Microsoft vulnerabilities, enabling accurate identification and assessment of
Microsoft-related vulnerabilities.
• 9. exploitdb: The exploitdb database contains a collection of exploits, aiding in vulnerability identification and assessment.
• 10. info: The info database provides additional information and context about vulnerabilities, enhancing the accuracy of our tool's
assessments.
• 11. via4 VIA4CVE Cross-References: Our tool integrates with the VIA4CVE cross-references, providing additional information and
context about vulnerabilities.
• Walkthrough of what happens when you run our tool

• 1. Test domain: www.scanthis.com


• 2. Scan steps:
• a. Find visible open ports
• b. Perform tech-stack fingerprinting
• c. Map tech-stack versions with known vulnerabilities
• d. Web application security scanning
• e. Data population on our tool's UI
• Scan in Action
• Let's walk through the process of running our tool on a test domain, www.scanthis.com:
• 1. Find Visible Open Ports: Our tool starts by scanning the target domain to identify visible open ports, services, and potential
entry points for attackers.
• 2. Perform Tech-Stack Fingerprinting: It performs tech-stack fingerprinting, identifying the technologies and versions used by the
target domain.
• 3. Map Tech-Stack Versions with Known Vulnerabilities: It cross-references the identified tech-stack versions with its CVE
database, mapping potential vulnerabilities associated with specific versions.
• 4. Web Application Security Scanning: It performs a comprehensive web application security scan, identifying security flaws,
vulnerabilities, and potential attack vectors.
• 5. Data Population on our tool's UI: The results of the scan are populated on our tool's user interface, providing a comprehensive
view of the identified vulnerabilities and potential risks.
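• Steps 1 to 3 of the walkthrough as an added Python example, not the tool's own code: it reads Nmap XML, keeps only open ports, and matches each service's CPE and version against a local CVE list. The XML, the vendor/product names, the record fields (start_incl, end_excl) and the CVE-PLACEHOLDER IDs are constructed assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed Nmap-style XML for illustration; not real scan output.
NMAP_XML = """<nmaprun><host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="443"><state state="open"/>
  <service name="http" product="exampled" version="2.4.1"><cpe>cpe:/a:examplevendor:exampled:2.4.1</cpe></service></port>
 <port protocol="tcp" portid="22"><state state="open"/>
  <service name="ssh" product="examplessh"><cpe>cpe:/a:examplevendor:examplessh</cpe></service></port>
 <port protocol="tcp" portid="8080"><state state="closed"/>
  <service name="http" product="exampled" version="1.5.0"><cpe>cpe:/a:examplevendor:exampled:1.5.0</cpe></service></port>
</ports></host></nmaprun>"""

# Constructed stand-in for the local "cves" collection; IDs are placeholders.
LOCAL_CVES = [
    {"id": "CVE-PLACEHOLDER-1", "cpe": "examplevendor:exampled", "start_incl": "2.4.0", "end_excl": "2.4.3"},
    {"id": "CVE-PLACEHOLDER-2", "cpe": "examplevendor:exampled", "start_incl": "1.0.0", "end_excl": "2.0.0"},
]

def vkey(version):
    """Comparable key: leading digits of up to four dotted parts, zero-padded."""
    nums = [int(m.group()) if m else 0 for m in (re.match(r"\d+", p) for p in version.split("."))]
    return tuple((nums + [0] * 4)[:4])

def open_services(xml_text):
    """Steps 1-2: keep only open ports and split each service CPE into product and version."""
    services = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            fields = (port.findtext("service/cpe") or "").split(":")  # cpe:/a:vendor:product[:version]
            if port.find("state").get("state") != "open" or len(fields) < 4:
                continue
            services.append({"addr": addr, "port": int(port.get("portid")), "cpe": f"{fields[2]}:{fields[3]}",
                             "version": fields[4] if len(fields) > 4 else None})
    return services

def map_cves(services, cves=LOCAL_CVES):
    """Step 3: match each versioned service against affected-version ranges."""
    findings = []
    for s in services:
        if s["version"] is None:  # fingerprint gave no version: flag it, do not report it clean
            findings.append({**s, "status": "version-unknown", "cves": []})
            continue
        v = vkey(s["version"])
        hits = [c["id"] for c in cves
                if c["cpe"] == s["cpe"] and vkey(c["start_incl"]) <= v < vkey(c["end_excl"])]
        findings.append({**s, "status": "vulnerable" if hits else "no-known-cve", "cves": hits})
    return findings
```

• Calling map_cves(open_services(NMAP_XML)) returns one finding per open port; the closed port 8080 is dropped even though its version falls inside an affected range.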
RESULTS AND ALERTS
