Seccubus- Straightforward Automated Vulnerability Scanning, Reporting And Evaluation
Seccubus automates common vulnerability scans with varied instruments and aids safety folks within the quick evaluation of its output, each on the primary scan and on repeated scans.
Seccubus runs vulnerability scans at common intervals and compares the findings of the final scan with the findings of the earlier scan. The delta of this scan is introduced in an online GUI the place findings may be simply marked as both actual findings or non-issues.
On repeated scan delta reporting ensures that findings solely should be judged once they first seem within the scan outcomes or when their output modifications.
Seccubus 2.x is the one actively developed and maintained department and all assist for Seccubus V1 has formally been dropped.
Seccubus V2 works with the next scanners:
- Medusa (native and distant)
- Nikto (native and distant)
- NMap (native and distant)
- OWASP-ZAP (native and distant)
- Qualys SSL labs
- testssl.sh (native and distant)
Picture title Goal
- seccubus Run a full Seccubus stack in a single container
- seccubus-web Serving entrance and code and API simultaniously
- seccubus-api Serving simply the API.
- seccubus-perl Working command line scripts, e.g. to scan
- seccubus-cron Working cron deamon to execute scans
Details about the docker containers is here
Default password, altering it.
After set up the default username and password for seccubus is:
admin / GiveMeVulns!
It’s extremely beneficial you alter this after set up.
/bin/seccubus_passwd -u admin