-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Aki Nakamura edited this page Jun 17, 2019
·
16 revisions
The aim of vultest tool is to facilitate vulnerability testing through automatic setup and configurations of vulnerable environments. A vulnerable environment includes a base OS, vulnerable software and related software components, and other resources like applications data.
To facilitate automatic vulnerability testing, we need to implement the following features:
- Setup of an appropriate base OS
- Installation and configurations of vulnerable software, related components, and application resources
- Preparation of the exploit code or tool to test the vulnerability
This configuration database, vultest-db, ensures that the above features are executed exactly and repeatedly. The database includes three kinds of information:
- vulnerability information
- knowledge of the vulnerable environment
- exploit code to attack the vulnerability
We provide several ready-to-use configurations. However, to make a good ecosystem, we believe that open and trustworthy data play important role for the purpose. That is, community efforts are essential and expected.