Scan for Outdated Software
Scan for outdated software with known publicly exploitable vulnerabilities from the CVE and CNVD databases
Outputs
findings
Scan for Outdated Software
Description
Scan for outdated software with known publicly exploitable vulnerabilities from the CVE and CNVD databases.
Features
- Checks for vulnerable software listed in the CVE and CNVD databases.
- Uses proof-of-concept (PoC) scanning to highlight only exploitable vulnerabilities and minimize false positives.
- Can scan thousands of web servers simultaneously.
Inputs
Required
- urls: a list of URLs
Optional
- header: Header(s) to include in HTTP requests
- header-file: File with header(s) to include in HTTP requests
- rate-limit: Maximum number of requests to send per second per machine (default: 300)
Outputs
- findings: JSONLines records of finding details.
Changelog
- v1.0.0
- Initial release
- v1.1.0
- Added
header-file
input
- Added
- v1.2.0
- Added recursive scanning to detect vulnerabilities at every level of the input URL paths