Vuls

Vuls

  • Docs
  • Community
  • Blog
  • Languages iconEnglish
    • 日本語
  • GitHub
  • vulsdoc

›Architecture

Introduction

  • Abstract
  • Main Features
  • Supported OS

Architecture

  • Remote, Local, One-liner scan
  • Remote Scan Mode
  • One-liner scan mode
  • Local Scan Mode
  • architecture
  • Fast Scan
  • Fast-Root Scan
  • Deep Scan
  • CPE Scan

Installation

  • Vulsctl - Quickest Vuls setup
  • Vulsctl - Install on HostOS
  • Install Manually
  • Install with Docker
  • Install with Package
  • Install with Ansible
  • Install with awless

Tutorial

  • Tutorial
  • Scan with Vulsctl
  • Local Scan Mode
  • Remote Scan Mode
  • Scan using Docker
  • Scan Docker Image
  • Scan non OS packages
  • Scan WordPress
  • Scan Port
  • Scan Windows

Usage

  • config.toml
  • Automatic Discovery
  • configtest
  • Scan
  • Report
  • TUI
  • Server

Vulsrepo

  • VulsRepo

Development

  • Contribute
  • Integration Testing

Misc

  • Cron
  • Update Vuls to the latest version
  • go-cve-dictionary
  • goval-dictionary
  • gost
  • go-exploitdb
  • go-msfdb
  • go-kev
  • go-cti
  • Related Projects
  • Tips
Edit

Fast-Root Scan

Vuls-Scan-Flow

DistributionScan SpeedNeed Root PrivilegeOVALNeed Internet Access
AlpineFastNoSupportedNeed
CentOSFastNeedSupportedNeed
AlmaLinuxFastNeedSupportedNeed
Rocky LinuxFastNeedSupportedNeed
RHELFastNeedSupportedNeed
FedoraFastNeedSupportedNeed
OracleFastNeedSupportedNeed
UbuntuFastNeedSupportedNeed
DebianFastNeedSupportedNeed
Raspbian1st time: Slow, From 2nd time: FastNeedPartially SupportedNeed
FreeBSDFastNoNoNeed
AmazonFastNeedSupportedNeed
openSUSEFastNoSupportedNeed
openSUSE LeapFastNoSupportedNeed
SUSE EnterpriseFastNoSupportedNeed
WindowsFastPartiallyNoPartially
MacOSFastNoNoNo

Raspbian has been modified from its previous Changelog only scan to scan using Debian OVAL and Debian Security Tracker, Changelog. The difference between Fast-Root scan and Deep scan is that the packages that use change logs are limited (because Debian OVAL and Debian Security Tracker cannot detect packages that only exist on the Raspberry Pi). In summary, the behavior of each scan mode in Raspbian is shown in the table below.

Scan Modefastfast-rootdeep
v0.11(deep scan)(deep scan)changelog
v0.12
  • OVAL
  • Debian Security Tracker
  • OVAL
  • Debian Security Tracker
  • changelog(only raspberrypi package)
  • OVAL
  • Debian Security Tracker
  • changelog(all updatable package)

For more information, see This Pull Request (https://github.com/future-architect/vuls/pull/1019).

With -offline option

Scan with -offline option, vuls scans with no internet access.

DistributionScan SpeedNeed Root PrivilegeOVALNeed Internet Access
AlpineFastNoSupportedNo
CentOSFastNeedSupportedNo
AlmaLinuxFastNeedSupportedNo
Rocky LinuxFastNeedSupportedNo
RHELFastNeedSupportedNo
FedoraFastNeedSupportedNo
OracleFastNeedSupportedNo
UbuntuFastNeedSupportedNo
DebianFastNeedSupportedNo
AmazonFastNeedSupportedNo
openSUSEFastNoSupportedNo
openSUSE LeapFastNoSupportedNo
SUSE EnterpriseFastNoSupportedNo
WindowsFastPartiallyNoNo
MacOSFastNoNoNo

Offline scan mode is not supported FreeBSD, Raspbian.

In Fast-Root Scan and Deep Scan, Raspbian scans a combination of Debian OVAL and Debian Security Tracker, Changelog, so Offline Scan mode cannot be provided completely. If you execute Offline Scan, you can get the result of Debian OVAL and Debian Security Tracker only (same result as Fast Scan).

Dependencies and /etc/sudoers

For details, see

  • Dependencies: usage-configtest
  • /etc/sudoers: /etc/sudoers

Runtime Inspection

Detect processes affected by next package update

It is possible to know processes affecting software update in advance using yum-ps on RedHat, CentOS, AlmaLinux, Rocky Linux, OracleLinux and Amazon Linux

Detect not-restarted-processes

Detect processes which updated before but not restarting yet using checkrestart of debian-goodies on Debian and Ubuntu

← Fast ScanDeep Scan →
Vuls
Docs
IntroductionArchitectureTutorial
Community
Join SlackSlackTwitter(English)Twitter(Japanese)
More
BlogGitHub
Copyright © 2025 kotakanbe