VulnWhisperer

LSE toolsLSE toolsVulnWhisperer (310)VulnWhisperer (310)

Tool and Usage

Project details

License
Apache License 2.0
Programming language
Python
Author
Austin Taylor
Latest release
1.8.0
Latest release date

Project health

64
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

VulnWhisperer helps with the collection of vulnerability data and its reports. The goal of the tool is to make vulnerability data more actionable. It supports scans and data from products like Nessus, Qualys products, OpenVAS, and Tenable.io.

How it works

VulnWhisperer pulls in all reports and stores them with a unique filename. The files are then fed into Logstash. Next step is that Logstash will extract the data and performs tagging. Finally, Elasticsearch will index all data.

Background information

VulnWhisperer uses the ELK stack, which consists of Elasticsearch, Logstash, and Kibana. The current version relies on Python 2.7.

Usage and audience

VulnWhisperer is commonly used for vulnerability management or vulnerability scanning. Target users for this tool are pentesters, security professionals, and system administrators.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 10 contributors
  • + The source code of this software is available

Author and Maintainers

VulnWhisperer is under development by Austin Taylor.

Installation

Supported operating systems

VulnWhisperer is known to work on Linux.

Dependencies

Several dependencies are required to use VulnWhisperer.

  • bs4
  • lxml
  • pandas
  • pytz
  • qualysapi
  • requests
  • setuptools

VulnWhisperer alternatives

Similar tools to VulnWhisperer:

97

OpenVAS

OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.

100

Archery

Archery is a Django-based application to perform vulnerability assessments and do vulnerability management.

64

LFI Suite

LFI Suite is a security tool to automate the scanning and exploitation of Local File Inclusion vulnerabilities. It uses a wide range of attack methods to achieve this goal. This tool would be useful to penetration testers for security assignments.

All VulnWhisperer alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a vulnerability management tool.