Vulmap is a local vulnerability scanner project which is equipped with local vulnerability scanning programs that are compatible with both Linux and Windows operating systems. The programs can be deployed when performing vulnerability analysis and can also be used to execute system defensive procedures.
Vulmap is especially useful when searching for system vulnerabilities on localhost, with its download feature it can execute downloads on potential exploits. On Linux Vulmap is available in Python, preferably
Python 2.x.This may differ when it comes to Windows, on windows it is written in PowerShell and supported by
Vulmap: Local Vulnerability Scanner
Vulmap can detect even the simplest vulnerabilities; it does this by scanning all system software that may potentially be at risk, and then uses vulmon.com, a vulnerability intelligence search engine, which then determines if there is any exploit within the system.
Analysis is also done on software that may have potential exploits or weak points which may expose the system to some risks. Another amazing feature that Vulmap has is its ability to download exploits; the downloaded exploits can also be used when carrying of offensive procedures.
How it works?
As a result, Vulmon is very simple but a very effective helper of Vulmap, without it Vulmap would be functionally crippled. Vulmap carries out its vulnerability detection procedures based on the principle of real-time vulnerability update from Vulmon.
- Linux, Windows
Clone it from the GitHub:
$ git clone https://github.com/vulmon/Vulmap-Local-Vulnerability-Scanners.git
Then run it in default mode:
$ python vulmap-linux.py
Vulmap is very easy to use it is just a matter of playing with the right codes, these codes may vary depending on the operating system that you are using.
Basic options in default mode [Linux]:
-v, --verbose: Enable the verbose mode and display results in real-time
-d, --download: Download a specific exploit [
-a, --all-download: Download all found exploits
-h, --help: Show the help message and exit
On Windows you can deploy the following commands based on the operation you are performing:
DefaultMode: Conducts vulnerability scanning.
DownloadAllExploits: Scans the computer and downloads all available exploits.
OnlyExploitableVulns: Conducts vulnerability scanning and only shows vulnerabilities that have exploits.
DownloadExploit: Downloads given exploit [