Vulnreport

LSE toolsLSE toolsVulnreport (133)Vulnreport (133)

Tool and Usage

Vulnreport is a tool to automate and manage all the data involved security reviews. In particular, it focuses on discovered vulnerabilities.

Screenshot for Vulnreport tool review

Why this tool?

Vulnreport is a platform to deal with penetration test results. The tool formats them and provides actionable findings reports. The platform is strong in focusing on automation, to reduce the time spent by engineers.

Additional information

Vulnreport was built by the Product Security team from Salesforce. They wanted to reduce the required time to write, format, and proofing the reports of the penetration tests.

Usage and audience

This tool is categorized as a security automation tool, security collaboration tool, and security reporting tool.

Vulnreport is commonly used for security reviews, vulnerability management, or vulnerability scanning. Target users for this tool are auditors, pentesters, security professionals, and system administrators.

Features

  • Vulnreport is written in Ruby
  • Customization and additions are possible
  • Tool allows multiple integrations

Tool review

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code of this software is available

History and highlights

  • Presentation at Black Hat USA 2016

Author and Maintainers

Vulnreport is under development by Tim Bach and maintained by Salesforce.

Installation

Support operating systems

Vulnreport is known to work on Linux.

Dependencies

Several dependencies are required to use Vulnreport.

  • Bundler
  • PostgreSQL
  • Redis
  • rollbar
  • Ruby
This tool page was recently updated. Found an improvement? Become an influencer and submit an update.
Project details
Latest release3.0.3 [2016-10-14]
License(s)BSD 3-clause
Last updatedOct. 9, 2017

Project health

78
This score is calculated by different factors, like project age, last release date, etc.

Links

GitHub iconVulnreport GitHub project
Twitter icon@SecureCloudDev
 Vulnreport project website

Related terms