Saturday, March 15, 2008

d3vscan Vulnerability Scanner plugin

      I've been working on the vulnerability scanner plugin for d3vscan utilizing the OSVDB database. With the correlation amongst the product_id, version_id and vendor_id, this correlation_id is then used to obtain the respective vulnerability. The issue thus far is that the correlation is made upon a larger subset when Nmap isn't able to populate the osmatch field. I have added checks on the generated osmatch but nonetheless, the accuracy depends on the OS identification. That is where I hope the work of Zaid and Hazwan for the improved Neural Network based OS identification comes in. Here are some screenshots:

                                 The Plugin Screen

                                 Vulnerability Scan Results in Scan View

                                  Vulnerability Scan Results in List View

No comments: