netscan
debcvescan

netscan | debcvescan | |
---|---|---|
1 | 1 | |
63 | 27 | |
- | - | |
0.5 | 0.0 | |
over 3 years ago | almost 2 years ago | |
Go | Go | |
ISC License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
netscan
-
Masscan: Scan the entire Internet in under 5 minutes
I wrote netscan years ago and still use it. It's pretty fast too: https://github.com/62726164/netscan
debcvescan
-
Debian/Ubuntu changelog??
So I wrote a thorough checkmk local check script to report on patch state, and we were able to then pull reports straight out of our monitoring system. You can see a lobotomised version of said script here. When it came time for me to apply the same work to Debian/Ubuntu, I found that ecosystem to be somewhat brutally lacking compared to the RHEL world. You can see in that script that I mention debsecan, and for Ubuntu you'd need to pair it with ust2dsa. What I don't clearly mention in that script, though I hinted at it, is that I was exploring a way to parse Ubuntu's security JSON feeds... and it looks like Canonical started doing that themselves with their in-house cvescan tool. There's also the debcvescan tool for the Debian world.
What are some alternatives?
zmap - ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
sec-cvescan - Analyzes an Ubuntu system and checks for unpatched vulnerabilities.
masscan_as_a_service - masscan as a service
GOdin - GOdin is an open source monitoring server and agent for linux systems. Its main feature is currently monitoring the state of installed packages. It is intended to use with visualising software (ex. Grafana).
zdns - Fast DNS Lookup Library and CLI Tool
ust2dsa - Improves Ubuntu security feed compatibility allowing it to be consumed by Debian vulnerability report tool, debsecan.
naabu - A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
portscan - Port scanning examples to teach Go concurrency bounding
grype - A vulnerability scanner for container images and filesystems
masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
nvdapi - Unofficial but convenient Go wrapper around the NVD REST JSON API
