Seccubus 2.0 Alpha2 Released
Tool to automatically fire regular security scans with Nessus. Compare results of the current scan with the previous scan and report on the delta in a web interface. Main objective of the tool is to make repeated scans more efficient.
Why?
Anyone who has ever used Nessus or OpenVAS will be familiar with one of their biggest drawbacks. They a very valuable tools, but unfortunately it is also very noisy. The time needed to report on the findings of a scan will often be two or three times the time needed to do the actual scan. Seccubus was created in order to more effectively analyze the results of regular vulnerability scans of the same infrastructure.
How does it work?
Seccubus runs vulnerability scans at regular intervals and compares the findings of the last scan with the findings of the previous scan. The delta of this scan is presented in a web GUI when findings can be easily marked as either real findings or non-issues. Non issues get ignored until they change. This causes a dramatically reduction a analysis time.
Changelog
- New features / Issues resolved
- Fixed slow speed of updates to multiple findings Scanning with Nessus should work a lot better in this version Bug fixed:
- #30 – Document running scans https://sourceforge.net/apps/trac/seccubus/ticket/30
- #32 – load_ivil command line argument ‘scan’ is ignored https://sourceforge.net/apps/trac/seccubus/ticket/32
- #34 – Default port for OpenVAS scanning not set correctly https://sourceforge.net/apps/trac/seccubus/ticket/34
- #35 – ivil does not import title of Nessus finiding https://sourceforge.net/apps/trac/seccubus/ticket/35
- #37 – @HOSTS gets expanded to /tmp/seccus.hosts.PID in stead of /tmp/seccubus.hosts.PID https://sourceforge.net/apps/trac/seccubus/ticket/37
- #38 – nessus2ivil should not die on unknown attribute https://sourceforge.net/apps/trac/seccubus/ticket/38