Vuls

Vuls

  • Docs
  • Community
  • Blog
  • Languages iconEnglish
    • 日本語
  • GitHub
  • vulsdoc

›Introduction

Introduction

  • Abstract
  • Main Features
  • Supported OS

Architecture

  • Remote, Local, One-liner scan
  • Remote Scan Mode
  • One-liner scan mode
  • Local Scan Mode
  • architecture
  • Fast Scan
  • Fast-Root Scan
  • Deep Scan
  • CPE Scan

Installation

  • Vulsctl - Quickest Vuls setup
  • Vulsctl - Install on HostOS
  • Install Manually
  • Install with Docker
  • Install with Package
  • Install with Ansible
  • Install with awless

Tutorial

  • Tutorial
  • Scan with Vulsctl
  • Local Scan Mode
  • Remote Scan Mode
  • Scan using Docker
  • Scan Docker Image
  • Scan non OS packages
  • Scan WordPress
  • Scan Port
  • Scan Windows

Usage

  • config.toml
  • Automatic Discovery
  • configtest
  • Scan
  • Report
  • TUI
  • Server

Vulsrepo

  • VulsRepo

Development

  • Contribute
  • Integration Testing

Misc

  • Cron
  • Update Vuls to the latest version
  • go-cve-dictionary
  • goval-dictionary
  • gost
  • go-exploitdb
  • go-msfdb
  • go-kev
  • go-cti
  • Related Projects
  • Tips
Edit

Main Features

Scan for any vulnerabilities in Linux/FreeBSD Server

Supports major Linux/FreeBSD/Windows/MacOS

  • Alpine, Ubuntu, Debian, CentOS, AlmaLinux, Rocky Linux, Amazon Linux, RHEL, Fedora, Oracle Linux, openSUSE, openSUSE Leap, SUSE Enterprise Linux and Raspbian, FreeBSD, Windows, MacOS
  • Cloud, on-premise, Docker

High quality scan

Vuls uses Multiple vulnerability databases

  • Vulnerability Database

    • NVD
    • JVN(Japanese)
  • OVAL

    • SUSE
    • Oracle Linux
  • CSAF/VEX

    • Red Hat
  • Security Advisory

    • Alpine-secdb
    • Red Hat Security Advisories
    • Debian Security Bug Tracker
    • Ubuntu CVE Tracker
  • Commands(yum, zypper, pkg-audit)

    • RHSA / ALAS / ELSA / FreeBSD-SA
    • Changelog
  • PoC, Exploit

    • Exploit Database
    • Metasploit-Framework modules
    • qazbnm456/awesome-cve-poc
    • nomi-sec/PoC-in-GitHub
    • gmatuz/inthewilddb
  • CERT

    • US-CERT
    • JPCERT
  • Libraries

    • Node.js Security Working Group
    • Ruby Advisory Database
    • Safety DB(Python)
    • PHP Security Advisories Database
    • RustSec Advisory Database
  • WordPress

    • WPScan

Fast scan and Deep scan

Fast Scan

  • Scan without root privilege, no dependencies
  • Almost no load on the scan target server
  • Offline mode scan with no internet access. (Red Hat, Fedora, CentOS, AlmaLinux, Rocky Linux,OracleLinux, Ubuntu, Debian)

Fast Root Scan

  • Scan with root privilege
  • Almost no load on the scan target server
  • Detect processes affected by update using yum-ps (Red Hat, Fedora, CentOS, AlmaLinux, Rocky Linux, Oracle Linux and Amazon Linux)
  • Detect processes which updated before but not restarting yet using checkrestart of debian-goodies (Debian and Ubuntu)
  • Offline mode scan with no internet access. (Red Hat, Fedora, CentOS, AlmaLinux, Rocky Linux, OracleLinux, Ubuntu, Debian)

Deep Scan

  • same as fast-root scan mode for now.

Remote scan mode, Local scan mode, Server mode

Remote scan Mode

  • User is required to only setup one machine that is connected to other target servers via SSH

Local scan mode

  • If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode.

Server mode

  • No SSH needed, No Scanner needed. Only issuing Linux commands directory on the scan target serve.
  • First, start Vuls in server mode and listen as an HTTP server.
  • Start Vuls in server mode and listen as an HTTP server.
  • Next, issue a command on the scan target server to collect software information. Then send the result to Vuls Server via HTTP. You receive the scan results as JSON format.

Dynamic Analysis

  • It is possible to acquire the state of the server by connecting via SSH and executing the command
  • Vuls warns not-restarting-processes which updated before but not restarting yet and detects processes affecting software update in advance.

Scan middleware that are not included in OS package management

  • Scan middleware, programming language libraries and framework for vulnerability
  • Support software registered in CPE

Integration

  • GitHub Security Alerts
  • OWASP Dependency Check
  • WordPress

MISC

  • Nondestructive testing
  • Pre-authorization is NOT necessary before scanning on AWS
    • Vuls works well with Continuous Integration since tests can be run every day. This allows you to find vulnerabilities very quickly.
  • Auto generation of configuration file template
    • Auto detection of servers set using CIDR, generate configuration file template
  • Email and Slack notification is possible (supports Japanese language)
  • Scan result is viewable on accessory software, TUI Viewer on terminal or Web UI (VulsRepo).
← AbstractSupported OS →
Vuls
Docs
IntroductionArchitectureTutorial
Community
Join SlackSlackTwitter(English)Twitter(Japanese)
More
BlogGitHub
Copyright © 2025 kotakanbe