Vulnreport

LSE toolsLSE toolsVulnreport (238)Vulnreport (238)

Tool and Usage

Project details
LicenseBSD 3-clause
Programming languageRuby
AuthorTim Bach
Latest release3.0.3 []

Project health

74
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Vulnreport is a platform to deal with penetration test results. The tool formats them and provides actionable findings reports. The platform is strong in focusing on automation, to reduce the time spent by engineers.

Background information

Vulnreport was built by the Product Security team from Salesforce. They wanted to reduce the required time to write, format, and proofing the reports of the penetration tests.

Usage and audience

Vulnreport is commonly used for security reviews, vulnerability management, or vulnerability scanning. Target users for this tool are auditors, pentesters, security professionals, and system administrators.

Features

  • Customization and additions are possible
  • Tool allows multiple integrations

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code of this software is available

History and highlights

  • Speaker at Black Hat USA 2016

Author and Maintainers

Vulnreport is under development by Tim Bach and maintained by Salesforce.

Installation

Supported operating systems

Vulnreport is known to work on Linux.

Dependencies

Several dependencies are required to use Vulnreport.

  • Bundler
  • PostgreSQL
  • Redis
  • rollbar
  • Ruby

Vulnreport alternatives

Similar tools to Vulnreport:

100

Faraday

Faraday is collaboration tool for pentest assignments and vulnerability management. It allows integration with a number of other security tools.

100

Infection Monkey

The Infection Monkey is a security tool to test the resiliency of a data center or network. It tries to breach the perimeter and infect any internal server. Upon success, it reports the status to the centralized Monkey Island server. This tool can help with automating security assessments or perform a self-assessment.

85

ShellPop

ShellPop is a security tool used by penetration testers during their assignments. It helps with generating both easy and more sophisticated reverse or bind shell commands.

All Vulnreport alternatives

Found an improvement? Help the community by submitting an update.

Related tool information