GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → zhutoulala → vulnscan

zhutoulala / vulnscan

Licence: other
A static binary vulnerability scanner

Programming Languages

C++
36643 projects - #6 most used programming language
CMake
9771 projects

Labels

analysisbinaryscannerstaticvulnerabilityvulnerability-scanners

Projects that are alternatives of or similar to vulnscan

Security Code Scan
Vulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+1070.21%)
Mutual labels:  analysis, scanner, static
Whour
Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-61.7%)
Mutual labels:  scanner, vulnerability, vulnerability-scanners
Iblessing
iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (+593.62%)
Mutual labels:  scanner, vulnerability, vulnerability-scanners
V3n0m Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+1702.13%)
Mutual labels:  scanner, vulnerability, vulnerability-scanners
Hacking
hacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+778.72%)
Mutual labels:  scanner, vulnerability, vulnerability-scanners
Openvas Scanner
Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (+2146.81%)
Mutual labels:  scanner, vulnerability, vulnerability-scanners
Binee
Binee: binary emulation environment
Stars: ✭ 408 (+768.09%)
Mutual labels:  analysis, binary
Angr
A powerful and user-friendly binary analysis platform!
Stars: ✭ 5,542 (+11691.49%)
Mutual labels:  analysis, binary
Manalyze
A static analyzer for PE executables.
Stars: ✭ 701 (+1391.49%)
Mutual labels:  analysis, static
Angr Utils
Handy utilities for the angr binary analysis framework, most notably CFG visualization
Stars: ✭ 169 (+259.57%)
Mutual labels:  analysis, binary
Arachni
Web Application Security Scanner Framework
Stars: ✭ 2,942 (+6159.57%)
Mutual labels:  analysis, scanner
Cfg Explorer
CFG explorer for binaries
Stars: ✭ 33 (-29.79%)
Mutual labels:  analysis, binary
Gtirb
Intermediate Representation for Binary analysis and transformation
Stars: ✭ 190 (+304.26%)
Mutual labels:  analysis, binary
Detekt
Static code analysis for Kotlin
Stars: ✭ 4,169 (+8770.21%)
Mutual labels:  analysis, static
Ddisasm
A fast and accurate disassembler
Stars: ✭ 325 (+591.49%)
Mutual labels:  analysis, binary
Horusec
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (+561.7%)
Mutual labels:  analysis, scanner
Ioskextdump
Dump Kext information from iOS kernel cache. Applicable to the kernel which dump from memory
Stars: ✭ 80 (+70.21%)
Mutual labels:  analysis, static
Reverse Engineering Tutorials
Some Reverse Engineering Tutorials for Beginners
Stars: ✭ 217 (+361.7%)
Mutual labels:  analysis, binary
Replica
Ghidra Analysis Enhancer 🐉
Stars: ✭ 194 (+312.77%)
Mutual labels:  analysis, binary
gochk
Static Dependency Analysis Tool for Go Files
Stars: ✭ 68 (+44.68%)
Mutual labels:  analysis, static
View All Similar Projects ➔

All data is bad, stay safe with vulnscan

vulnscan is a static binary vulnerablity scanner. It could be used to detect if target executable files contain any known vulnerability, that potentially comes from popular 3rd party libraries in use.

This tool is designed to be cross-platformed. It could be compiled and run on both Windows and Linux. Also it could be used to scan Windows executables and Linux executables. The currently supported scan targets include:

Windows executables: exe dll

Linux executables: elf

Download

Download vulnscan version 0.1 from here

How to run this tool

vulnscan [path to target binary file]
vulnscan [path to target folder]

The output would be like:

C:\Users\peter\github\vulnscan\build\Release>vulnscan.exe vulnscan.exe
vulnscan (v0.1) - A static binary vulnerability scanner
Visit http://vulnscan.us/ for more details
Scanning ===> vulnscan.exe
......
No symbols available for the module.
Image name: vulnscan.exe
Loaded image name: C:\Users\peter\github\vulnscan\build\Release\vulnscan.exe
Line numbers: Not available
Global symbols: Not available
Type information: Not available
Source indexing: No
Public symbols: Not available
No more code to scan
Couldn't get next function


==================================================
Scan Summary
--------------------------------------------------
Total to scan:  1
Successfully scanned:   1
Vulnerability found:    1
--------------------------------------------------
Detailed Report
--------------------------------------------------
vulnscan.exe - Found vulnerability:

CVE-2018-1000122 (confidence : median)

==================================================

How does it work

vulnscan is consisted of 2 types of scan engine, the string scanner and disassembly scanner.

String scanner looks through all human readable strings in the target file and match them against predefined signatures of each known vulnerability.

Disassembly scanner uses capstone to disassemble the whole code section of target file. By examining the call sequence pattern of the potential vulnerable functions, it would be able to tell if those functions contains certain known vulnerabilities or not.

For developers, visit its github repo

How to build on Linux

mkdir build
cd build
cmake ..
make

How to build on Windows

mkdir build
cd 
cmake ..

Then open the solution vulnscan.sln and build project vulnscan

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].