Vuls

Vuls

  • Docs
  • Community
  • Blog
  • Languages iconEnglish
    • 日本語
  • GitHub
  • vulsdoc

›Installation

Introduction

  • Abstract
  • Main Features
  • Supported OS

Architecture

  • Remote, Local, One-liner scan
  • Remote Scan Mode
  • One-liner scan mode
  • Local Scan Mode
  • architecture
  • Fast Scan
  • Fast-Root Scan
  • Deep Scan
  • CPE Scan

Installation

  • Vulsctl - Quickest Vuls setup
  • Vulsctl - Install on HostOS
  • Install Manually
  • Install with Docker
  • Install with Package
  • Install with Ansible
  • Install with awless

Tutorial

  • Tutorial
  • Scan with Vulsctl
  • Local Scan Mode
  • Remote Scan Mode
  • Scan using Docker
  • Scan Docker Image
  • Scan non OS packages
  • Scan WordPress
  • Scan Port
  • Scan Windows

Usage

  • config.toml
  • Automatic Discovery
  • configtest
  • Scan
  • Report
  • TUI
  • Server

Vulsrepo

  • VulsRepo

Development

  • Contribute
  • Integration Testing

Misc

  • Cron
  • Update Vuls to the latest version
  • go-cve-dictionary
  • goval-dictionary
  • gost
  • go-exploitdb
  • go-msfdb
  • go-kev
  • go-cti
  • Related Projects
  • Tips
Edit

Install with vulsctl

Vulsctl

Linux Distributions

The following example should work on Fedora based Linux distributions, which include: CentOS, RedHat, Amazon Linux etc (tested on CentOS and Red Hat 7).

Vulsctl was created to ease setup. Each shell script is a wrapper around Docker commands.

Setup Docker

  • Install Docker
  • Manage Docker as a non-root user
$ sudo systemctl start docker

Clone Vulsctl

$ git clone https://github.com/vulsio/vulsctl.git
$ cd vulsctl

Fetch Vulnerability Databases

This will take some time ...

$ cd docker
$ ./update-all.sh

Config, Scan, Report

Prepare the config.toml in the vulsctl install directory similar to the configuration below.

[servers]
[servers.hostos]
host        = "52.10.10.10"
port        = "22"
user        = "centos"
# if ssh config file exists in .ssh, path to ssh config file in docker
sshConfigPath   = "/root/.ssh/config"
# keypath in the Vuls docker container
keyPath     = "/root/.ssh/id_rsa"

When config exists in .ssh, vuls refers to /root/.ssh/config in the docker container when connecting to SSH. However, an error occurs because the local user does not match the user in Docker. To deal with this, specify /root/.ssh/config in sshConfigPath.

The scan.sh will mount $HOME/.ssh from the host operating system into the Docker container, however you will need to SSH into the target server beforehand which will add your fingerprint to $HOME/.ssh/known_hosts.

` scan

$ ssh [email protected] -i ~/.ssh/id_rsa.pem
$ ./scan.sh
$ ./report.sh
$ ./tui.sh

For details, see

  • scan.sh
  • report.sh
  • tui.sh

Vulsrepo

$ ./vulsrepo.sh
$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                    NAMES
39c8830dbeac        ishidaco/vulsrepo   "vulsrepo-server"   3 seconds ago       Up 1 second         0.0.0.0:5111->5111/tcp   focused_wu

Vulsrepo is running on http://host-ip:5111.

← CPE ScanVulsctl - Install on HostOS →
Vuls
Docs
IntroductionArchitectureTutorial
Community
Join SlackSlackTwitter(English)Twitter(Japanese)
More
BlogGitHub
Copyright © 2025 kotakanbe