Packages and Binaries:

sploitscan

SploitScan is an efficient and easy-to-use command-line tool designed to consult CVE (Common Vulnerabilities and Exposures). Extremely important for professionals, as it allows them to implement measures that prevent the exploitation of discovered vulnerabilities.

Tool is capable of exporting in a single run results for JSON and CSV formats, from the main databases of entities and organizations linked to cybersecurity: - MITER Corporation. non-profit organization that provides technical solutions to critical security issue - EPSS (Exploit Prediction Scoring System) is a system that aims to predict the probability of a specific vulnerability, helping organizations prioritize their mitigation activities. - Gather PoCs (Proof of Concepts) Collecting PoCs is a common activity among vulnerability researchers and security professionals, who reproduce the severity of vulnerabilities in a controlled environment, aiming to take preventive measures. - CISA Infrastructure Security Agency - responsible for keeping Known Exploited Vulnerabilities Catalog (KEV) updated. - Capable of interacting with the Patch Priority System, responsible for evaluating and assigning a patch priority rating based on several factors, including the availability of public exploits.

Installed size: 160 KB
How to install: sudo apt install sploitscan

sploitscan

A tool to fetch and display vulnerability information and public exploits for given CVE IDs.

root@kali:~# sploitscan -h

███████╗██████╗ ██╗      ██████╗ ██╗████████╗███████╗ ██████╗ █████╗ ███╗   ██╗
██╔════╝██╔══██╗██║     ██╔═══██╗██║╚══██╔══╝██╔════╝██╔════╝██╔══██╗████╗  ██║
███████╗██████╔╝██║     ██║   ██║██║   ██║   ███████╗██║     ███████║██╔██╗ ██║
╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   ╚════██║██║     ██╔══██║██║╚██╗██║
███████║██║     ███████╗╚██████╔╝██║   ██║   ███████║╚██████╗██║  ██║██║ ╚████║
╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   ╚══════╝ ╚═════╝╚═╝  ╚═╝╚═╝  ╚═══╝
v0.10.5 / Alexander Hagenah / @xaitax / [email protected]

usage: sploitscan [-h] [-e {json,JSON,csv,CSV,html,HTML}]
                  [-t {nessus,nexpose,openvas,docker}] [-i IMPORT_FILE]
                  [-c CONFIG] [-d]
                  [cve_ids ...]

SploitScan: Retrieve and display vulnerability data as well as public exploits
for given CVE ID(s).

positional arguments:
  cve_ids               Enter one or more CVE IDs to fetch data. Separate
                        multiple CVE IDs with spaces. Format for each ID: CVE-
                        YYYY-NNNNN. This argument is optional if an import
                        file is provided using the -i option.

options:
  -h, --help            show this help message and exit
  -e {json,JSON,csv,CSV,html,HTML}, --export {json,JSON,csv,CSV,html,HTML}
                        Optional: Export the results to a JSON, CSV, or HTML
                        file. Specify the format: 'json', 'csv', or 'html'.
  -t {nessus,nexpose,openvas,docker}, --type {nessus,nexpose,openvas,docker}
                        Specify the type of the import file: 'nessus',
                        'nexpose', 'openvas' or 'docker'.
  -i IMPORT_FILE, --import-file IMPORT_FILE
                        Path to an import file from a vulnerability scanner.
                        If used, CVE IDs can be omitted from the command line
                        arguments.
  -c CONFIG, --config CONFIG
                        Path to a custom config file.
  -d, --debug           Enable debug output.