Penetration testing commands for Vulnerability Assessment
Vulnerability assessment is the systematic review of security weaknesses in information systems. It involves identification, classification, and prioritisation to mitigate potential risks.
| Name | Description | Price |
|---|---|---|
| cve-search | Tool to import CVE and CPE into a MongoDB to facilitate search and processing of CVEs | Free |
| CVEMap | CLI tool designed to provide a structured interface to various vulnerability databases | Free |
| cvss-suite | CVSS calculator library | Free |
| go-cve-dictionary | Self-hosted CVE feed server | Free |
| GVM | The Greenbone Vulnerability Management (GVM) is a framework of several services: gvmd is the central service that consolidates plain vulnerability scanning into a full vulnerability management solution. The Greenbone Security Assistant (GSA) is the web interface of GVM. The main scanner (OpenVAS) is a full-featured scan engine that executes a continuously updated and extended feed of Network Vulnerability Tests (NVTs). Complementary to the web interface, GVM-Tools allows batch processing / scripting via the Greenbone Management Protocol (GMP). Additional scanners can be integrated via the Open Scanner Protocol (OSP) | Paid |
| nvd_feed_api | A ruby API for NVD CVE feeds management, the library will help you to download and manage NVD Data Feeds, search for CVEs, build your vulerability assesment platform or vulnerability database | Free |
| SECMON | Web-based platform for the automation of infosec watching and vulnerability management | Free |
| ThreatMapper | Identify vulnerabilities in running containers, images, hosts and repositories | Free |
| VRT Ruby Wrapper | Wrapper for the Vulnerability Rating Taxonomy | Free |
| Vulnogram | Create and edit CVE information in CVE JSON format | Free |
| Vuls | Agentless system vulnerability scanner for Linux/FreeBSD with a dashboard (VulsRepo) for analyzing the scan results | Free |