salt-scanner: Linux vulnerability scanner based on Salt Open and Vulners audit API

by do son · Published October 22, 2018 · Updated October 22, 2018

salt-scanner

A Linux vulnerability scanner based on Vulners Audit API and Salt Open, with Slack notifications and JIRA integration.

Features

Slack notification and report upload
JIRA integration
OpsGenie integration

Install

Requirement

Salt Open 2016.11.x (salt-master, salt-minion)¹

Python 2.7

salt (you may need to install gcc, gcc-c++, python dev)

slackclient

jira

opsgenie-sdk

Download
git clone https://github.com/0x4D31/salt-scanner.git

Usage

$ ./salt-scanner.py -h



 ==========================================================

  Vulnerability scanner based on Vulners API and Salt Open

 _____       _ _     _____                                 

/  ___|     | | |   /  ___|                               

\ `--.  __ _| | |_  \ `--.  ___ __ _ _ __  _ __   ___ _ __ 

 `--. \/ _` | | __|  `--. \/ __/ _` | '_ \| '_ \ / _ \ '__|

/\__/ / (_| | | |_  /\__/ / (_| (_| | | | | | | |  __/ |   

\____/ \__,_|_|\__| \____/ \___\__,_|_| |_|_| |_|\___|_|   



               Salt-Scanner 0.1 / by 0x4D31               

 ==========================================================



usage: salt-scanner.py [-h] [-t TARGET_HOSTS] [-tF {glob,list,grain}]

                       [-oN OS_NAME] [-oV OS_VERSION]



optional arguments:

  -h, --help            show this help message and exit

  -t TARGET_HOSTS, --target-hosts TARGET_HOSTS

  -tF {glob,list,grain}, --target-form {glob,list,grain}

  -oN OS_NAME, --os-name OS_NAME

  -oV OS_VERSION, --os-version OS_VERSION



$ sudo SLACK_API_TOKEN="EXAMPLETOKEN" ./salt-scanner.py -t "*"



 ==========================================================

  Vulnerability scanner based on Vulners API and Salt Open

 _____       _ _     _____                                 

/  ___|     | | |   /  ___|                               

\ `--.  __ _| | |_  \ `--.  ___ __ _ _ __  _ __   ___ _ __ 

 `--. \/ _` | | __|  `--. \/ __/ _` | '_ \| '_ \ / _ \ '__|

/\__/ / (_| | | |_  /\__/ / (_| (_| | | | | | | |  __/ |   

\____/ \__,_|_|\__| \____/ \___\__,_|_| |_|_| |_|\___|_|   



               Salt-Scanner 0.1 / by 0x4D31               

 ==========================================================



+ No default OS is configured. Detecting OS...

+ Detected Operating Systems:

   - OS Name: centos, OS Version: 7

+ Getting the Installed Packages...

+ Started Scanning '10.10.10.55'...

   - Total Packages: 357

   - 6 Vulnerable Packages Found - Severity: Low

+ Started Scanning '10.10.10.56'...

   - Total Packages: 392

   - 6 Vulnerable Packages Found - Severity: Critical



+ Finished scanning 2 host (target hosts: '*').

2 Hosts are vulnerable!



+ Output file created: 20170622-093138_232826a7-983f-499b-ad96-7b8f1a75c1d7.txt

+ Full report uploaded to Slack

+ JIRA Issue created: VM-16

+ OpsGenie alert created