Scribd
Upload
151 views

Security Scanning and Vulnerability Tool

The document describes a security scanning and vulnerability management tool. It contains sections on the need for such a tool, its core features, scan engine, databases, how it works, and results. The tool integrates multiple open source security tools to provide a holistic view of vulnerabilities for domains or IPs. It performs network scanning, web app scanning, technology stack analysis, and checks results against its CVE database to identify potential vulnerabilities.

Uploaded by

Shashikant singh
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
151 views

Security Scanning and Vulnerability Tool

The document describes a security scanning and vulnerability management tool. It contains sections on the need for such a tool, its core features, scan engine, databases, how it works, and results. The tool integrates multiple open source security tools to provide a holistic view of vulnerabilities for domains or IPs. It performs network scanning, web app scanning, technology stack analysis, and checks results against its CVE database to identify potential vulnerabilities.

Uploaded by

Shashikant singh
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 14

SECURITY SCANNING

AND VULNERABILITY
MANAGEMENT TOOL
INDEX
• Title
• Introduction
• The Need for Security Scanning
And Vulnerability Management Tool
• Core Features
• The Scan Engine
• Databases and Collections
• Scan in Action
• Results and Alerts
SECURITY SCANNING AND VULNERABILITY MANAGEMENT
TOOL : A HOLISTIC SECURITY TOOLSET
• "Enhancing Security for Product Teams, Red Teams, and Bug Bounty Hunters"
INTRODUCTION

• It is an integration of open source security tools aimed to provide a holistic security view for a given domain/IP. The way
Watchdog is built, it can be used by product security teams, red teams and also by bug bounty hunters to get a 360° view
of any Internet property it scans. Given a list of domains/IP's it has the capability to perform a network scan, feed the
output to open source web app scanners like Google's skip-fish and wapiti, perform tech stack analysis and determine if
the stack has any known CVE’s.
THE NEED FOR SECURITY SCANNING AND
VULNERABILITY MANAGEMENT TOOL
• It is designed considering the use case necessary to know all open services and its
corresponding technologies for the endpoints you own, exposed over the Internet. As a
company grows, it’s foot-prints grow on the World Wide Web leaving it's product security team
with herculean task of maintaining an inventory of all the services and technologies exposed.
This becomes further crucial at the event of a zero-day outbreak for a particular protocol or a
third party product which might affect public endpoints of the company

• It has the ability to scan all endpoints and perform technology version analysis on the services it
detects and map this information with it’s rich CVE database maintained and updated locally.
CORE FEATURES

• List of core features

• 1. Network scan using Nmap

• 2. Web app scanning with Skipfish and Wapiti

• 3. Tech stack analysis

• 4. CVE database integration


THE SCAN ENGINE

• Description of the tools used in the scan engine


• 1. Nmap
• 2. Skipfish
• 3. Wapiti
• 4. BuiltWith
• 5. Phantalyzer
• 6. Wappalyzer
• The Scan Engine
• It utilizes a powerful scan engine that combines multiple tools to provide comprehensive security
assessments:
• 1. Nmap: Nmap is a versatile network scanning tool that helps identify open ports, services, and
potential vulnerabilities.
• 2. Skipfish: Skipfish is a web application security scanner that crawls and analyzes web applications,
identifying security flaws and vulnerabilities.
• 3. Wapiti: Wapiti is another web application scanner that detects vulnerabilities by injecting payloads
and analyzing the responses.
• 4. BuiltWith: BuiltWith is a technology profiling tool that provides insights into the technologies used by
a website, helping identify potential vulnerabilities associated with specific technologies.
• 5. Phantalyzer: Phantalyzer is a tool that performs tech-stack fingerprinting, identifying the
technologies and versions used by a website or application.
• 6. Wappalyzer: Wappalyzer is a browser extension that detects the technologies used by a website,
providing valuable information for security assessments.
EXPLANATION OF OUR TOOL LOCALLY MAINTAINED CVE
DATABASE AND OTHER COLLECTIONS
• 1. cves
• 2. cpe
• 3. cwe
• 4. capec
• 5. ranking
• 6. d2sec
• 7. MITRE Reference Key/Maps
• 8. ms
• 9. exploitdb
• 10. info
• 11. via4 VIA4CVE cross-references
• Databases and Collections .
• It maintains a locally managed database and various collections to enhance its security assessments:
• 1. cves: our tool CVE database contains information about known vulnerabilities, enabling accurate vulnerability identification and
assessment.
• 2. cpe: The Common Platform Enumeration (CPE) database provides standardized identifiers for platforms, helping identify
vulnerabilities associated with specific technologies.
• 3. cwe: The Common Weakness Enumeration (CWE) database categorizes common software weaknesses, aiding in vulnerability
identification and mitigation.
• 4. capec: The Common Attack Pattern Enumeration and Classification (CAPEC) database provides a comprehensive list of attack
patterns, assisting in identifying potential attack vectors.
• 5. ranking: our tool ranking database prioritizes vulnerabilities based on their severity and potential impact, helping organizations focus
on critical issues.
• 6. d2sec: The d2sec database contains exploit codes and security advisories, enabling Watchdog to identify potential exploits and
vulnerabilities.
• 7. MITRE Reference Key/Maps: Our Tool integrates with MITRE's reference key and maps, providing additional context and
information about vulnerabilities.
• 8. ms: The ms database contains information about Microsoft vulnerabilities, enabling accurate identification and assessment of
Microsoft-related vulnerabilities.
• 9. exploitdb: The exploitdb database contains a collection of exploits, aiding in vulnerability identification and assessment.
• 10. info: The info database provides additional information and context about vulnerabilities, enhancing the accuracy of our tool
assessments.
• 11. via4 VIA4CVE Cross-References: Our tool integrates with the VIA4CVE cross-references, providing additional information and
context about vulnerabilities.
• Walkthrough of what happens when you run our tool

• 1. Test domain: www.scanthis.com


• 2. Scan steps:
• a. Find visible open ports
• b. Perform tech-stack fingerprinting
• c. Map tech-stack versions with known vulnerabilities
• d. Web application security scanning
• e. Data population on our tools UI
• Scan in Action
• Let's walk through the process of running our tool on a test domain, www.scanthis.com:
• 1. Find Visible Open Ports: Our tool starts by scanning the target domain to identify visible open ports, services, and potential
entry points for attackers.
• 2. Perform Tech-Stack Fingerprinting: It performs tech-stack fingerprinting, identifying the technologies and versions used by the
target domain.
• 3. Map Tech-Stack Versions with Known Vulnerabilities: It cross-references the identified tech-stack versions with its CVE
database, mapping potential vulnerabilities associated with specific versions.
• 4. Web Application Security Scanning: It performs a comprehensive web application security scan, identifying security flaws,
vulnerabilities, and potential attack vectors.
• 5. Data Population on our tools UI: The results of the scan are populated on Our tools user interface, providing a comprehensive
view of the identified vulnerabilities and potential risks.
RESULTS AND ALERTS

You might also like