Vulnerator: Tool for Parsing Vulnerability

Vulnerator has been intended to assist U.S. Department of Defense (DoD) cybersecurity analysts with the intimidating task of merging vulnerability data from the various sources that have been mandated:

The Assured Compliance Assessment Solution (ACAS).
Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs).
Security Content Automation Protocol (SCAP) content parsed via ACAS or the SCAP Compliance Checker (SCC).
Windows Automated Security Scanning Program (WASSP).

1. age Selector: A tab control that allows you to navigate amongst the various features of Vulnerator:

  • Reporting: The main feature of the application, this tab contains all of the controls related to parsing vulnerability files and creating human-readable reports from them. This tab is the main splash page for the application.
  • Mitigations: The page containing the graphical interface for creating and maintaining reusable mitigations for ongoing vulnerabilities.
  • Vulnerability Glance: This tab provides a quick insight into the results of the most recently parsed vulnerabilities. This tab contains additional reporting functionality surrounding IAVMs, and is currently under construction.
  • Asset Contacts: Another feature currently in the development process, this is designed to allow users to quickly and efficiently build a listing of customers for each individual system as well as user-defined groups of systems. Once created, these lists will be able to be used to generate emails to contacts informing them of current vulnerabilities that fall under their area or responsibility.

2. Reporting Options Pane: This is the main control hub of the application; it is within this pane that you will provide the parameters regarding the report(s) that you want to construct as well as the raw vulnerability files to be parsed. This area also contains the “Execute” file for vulnerability parsing.

3. File Listing: A grid showing the current listing of files to be parsed, their type, and their current status.

4. Window Controls: Similar to other Windows applications, these controls affect the positioning of the window (full screen, partial screen, minimized, and closed); take note that closing the window also exits the application.

5. Flyout Command Buttons: These buttons will launch “flyout” windows that allow you to either view additional information about the program or customize the program to your liking, depending on which link is selected:

  • News: As of v6.1.1, Vulnerator now self reports on issues and releases posted on the project’s GitHub site. Should you ever come across a bug or question the currency of the release you are using, this is a hub of information to which you can turn.
  • About: Here, you can find information about the application such as the version you are running as well as contact details for the creator and links to pertinent sites.
  • Theme: If you are going to look at a computer screen for any amount of time, it might as well be something you’d like to look at. Here, you have the ability to decide between a light or dark theme as well as an accent color of your choice.

6. Status Bar: It is within this pane that you can check to verify the status of the activity you have performed – application progress and basic error reporting are noted here.

7. File Counter: As the name implies, this is where you can quickly check to make sure that all of the files you intend to parse are accounted for.

Download Now

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Top 5 Techniques Hackers Use to hack Social Media Accounts

These days, Social Media have become a significant need in our everyday life. It encourages us to associate and connect with anyone over the...

5 Top Programming Languages for Hacking

We live in the 21st century, which is very fast-changing. This is a century of competition for information and computing resources. Every year the...

OSINT Tutorial to Track An Aircraft And Flight Information In Real-Time

No doubt Internet is said to be the world's largest repository of data and information. It contains an enormous amount of data related to...

Preventing SQL Injection in PHP Applications

SQL injection is one of the most common cybersecurity threats and as the name suggests, it is a form of injection attack. Injection attacks, on...