1. Tool Overview
- Nmap
- Skipfish
- Wapiti
- BuiltWith
- Phantalyzer
- Wappalyzer

Watchdog installs a local copy of the CVE database, which is a collection of the following databases:
- cves (Common Vulnerabilities and Exposure items) - source NVD NIST
- cpe (Common Platform Enumeration items) - source NVD NIST
- cwe (Common Weakness Enumeration items) - source NVD NIST
- capec (Common Attack Pattern Enumeration and Classification) - source NVD NIST
- ranking (ranking rules per group) - local cve-search
- d2sec (Exploitation reference from D2 Elliot Web Exploitation Framework) - source d2sec.com
- MITRE Reference Key/Maps - source MITRE reference Key/Maps
- ms - (Microsoft Bulletin (Security Vulnerabilities and Bulletin)) - source Microsoft
- exploitdb (Offensive Security - Exploit Database) - source offensive security
- info (metadata of each collection like last-modified) - local cve-search
- via4 - VIA4CVE cross-references
Test domain: www.scanthis.com
a. Scan the domain to find visible open ports.
{e.g. output}
- 80 [Apache httpd 2.4.7 ((Debian))]
- 443 [Apache httpd 2.4.7 ((Debian))]
- 22 [OpenSSH 5.8p1_hpn13v10 (FreeBSD 20110102; protocol 2.0)]
- 21 [ProFTPD 1.3.3e]
- 993 [Plesk Courier imapd]
b. Perform tech-stack fingerprinting and identify all front-end and service-level technologies running.
- jquery [1.8.1]
- php [5.5.9]
- twitter bootstrap [2.3]
- font awesome [**]
- google analytics [**]
- piwik []
c. Map the tech-stack versions to known vulnerabilities found in the master CVE database.
- [e.g. jquery 1.8.1 version has multiple CVEs - CVE-2012-6708, CVE-2015-9251]
- [e.g. php 5.5.9 version has multiple CVEs - CVE-2016-4073, CVE-2015-8835]
- [e.g. apache 2.4.7 version has multiple CVEs - CVE-2017-7679, CVE-2014-0226]
d. If step 1 detects any HTTP services running [80/443], it performs a web application security scan with Wapiti and Skipfish.
f. Once the scan is complete, the data is populated in Watchdog's UI, which can be found at http://localhost/index.php
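
The mapping in step c, as an added example that is not Watchdog's own code: each fingerprint line is normalized to a CPE 2.3 prefix and looked up in a CVE index, and anything without a usable version or a known CPE name is reported separately instead of being treated as clean. The alias table, the function names and the small index (built only from the CVE examples listed in step c) are assumptions for illustration.

```python
import re

# Assumed alias table: fingerprint name -> (CPE vendor, CPE product).
CPE_ALIASES = {
    "apache httpd": ("apache", "http_server"),
    "jquery": ("jquery", "jquery"),
    "php": ("php", "php"),
}
# Constructed stand-in for the local CVE database: only the pairs the
# README gives as examples, keyed by CPE 2.3 prefix.
CVE_INDEX = {
    "cpe:2.3:a:jquery:jquery:1.8.1": ["CVE-2012-6708", "CVE-2015-9251"],
    "cpe:2.3:a:php:php:5.5.9": ["CVE-2016-4073", "CVE-2015-8835"],
    "cpe:2.3:a:apache:http_server:2.4.7": ["CVE-2017-7679", "CVE-2014-0226"],
}
# Constructed input in the shape of the README's step a/b output.
SAMPLE = [
    "- 80 [Apache httpd 2.4.7 ((Debian))]",
    "- 993 [Plesk Courier imapd]",
    "- jquery [1.8.1]",
    "- php [5.5.9]",
    "- font awesome [**]",
    "- piwik []",
]
VERSION_RE = re.compile(r"\d+(?:\.\d+)+\w*")

def parse_line(line):
    """Return (name, version or None) for one '- name [..]' line, else None."""
    m = re.match(r"-\s*(.*?)\s*\[(.*)\]\s*$", line.strip())
    if not m:
        return None
    head, body = m.groups()
    ver = VERSION_RE.search(body)
    if head.isdigit():  # port line: the product name is inside the brackets
        head = body[:ver.start()] if ver else body
    return head.strip().lower(), (ver.group(0) if ver else None)

def map_to_cves(lines):
    """Return ({cpe: [cve ids]}, [names that could not be checked])."""
    matched, unchecked = {}, []
    for name, version in filter(None, map(parse_line, lines)):
        if version is None or name not in CPE_ALIASES:
            unchecked.append(name)  # no verdict, which is not "no CVEs"
            continue
        vendor, product = CPE_ALIASES[name]
        cpe = f"cpe:2.3:a:{vendor}:{product}:{version}"
        matched[cpe] = CVE_INDEX.get(cpe, [])
    return matched, unchecked

if __name__ == "__main__":
    print(map_to_cves(SAMPLE))
```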