Open in app

Sign in

Write

Sign in

vPrioritizer — An Open-Source Automated Vulnerability Management Tool Across the Organization

Cyber3ra
2 min readOct 22, 2020

vPrioritizier — An Open-Source Automated Vulnerability Management Tool Practically

As indicated by sources like vulnerable dB & CVE, daily, approximately 50 new vulnerabilities become known to industry and it’s safe to assume that count goes to extend furthermore. It’s an enormous number of vulnerabilities to assess and remediate effectively and quickly. So today organizations are focusing (or should focus) on reducing the danger instead of eliminating it and vulnerability management is (almost) adequate to risk prioritization and risk may be a variable and dynamic concept determined by multiple factors.

Theoretically, the approach of considering factors like base CVSS, asset accessibility, criticality, exploit availability, business sensitivity, etc. looks appropriate to adopt but it’s not practically possible to try to to it manually for each vulnerability affecting every asset by every organization.

Roadmap

  • Docker support for all OS (Linux, Mac, Windows)
  • Integration with scanners API:
  • Nexpose
  • QualysGuard
  • Nessus
  • Cloud Native Scanner
  • AWS Inspector
  • Azure Security Center
  • GCP Security Command Center
  • “Custom Upload Field” module
  • Cumulation of vulnerabilities
  • Custom “Settings” page
  • Maintaining the KB for vulnerabilities
  • “Help” for vulnerabilities by OSINT
  • Prioritization algorithm maturity (ongoing)

PRACTICAL :

For Linux users:

  1. Install docker & docker-compose
  • sudo apt-get update
  • sudo apt-get install docker-ce docker-compose
  • service docker start
  • service docker status

2. pip3 install -r requirements.txt

3. wget https://raw.githubusercontent.com/varchashva/vPrioritizer/master/docker-compose.yml

4. docker-compose up

5. python manage.py runserver

5. Browse to http://localhost:7777/vp and you are set to explore the tool :)

For Windows and Mac users:

  1. Install postgres
  2. Create user and database with below details:
  • Username: vprioritizer
  • Password: vprioritizer
  • Database Name: vprioritizer

3. git clone https://github.com/varchashva/vPrioritizer.git

4. cd vPrioritizer

5. python manage.py runserver 0.0.0.0:7777

6. Browse to http://localhost:7777/vp and you are set to explore the tool :)

SCREENSHOT

NOTE : Use this link http://localhost:7777/vp/ to run this tool on the browser.

Download link go to my website :

https://www.cyber3ra.com/blogs/

“By Sushil Prajapati”

Web Penetration Testing
Ethical Hacking
Cybersecurity
Network Security
Penetration Testing

--

--

Cyber3ra

Written by Cyber3ra

25 Followers

Welcome to cyber3ra , Nagpur (India ). We Proudly Stand as one of the fastest-growing Cyber And Technology Based Community. visit : https://www.cyber3ra.com

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams