UPDATE: Seccubus-2.0.beta1!

by Mayuresh on January 9, 2012

in Open Source, Penetration Testing, Security Reconnaissance, Tool Updates, Web Application Penetration Testing

We have discussed about Seccubus in our previous posts here. It has now been updated to Seccubus 2.0.beta1, taking it into the BETA phase.

 Seccubus 2.0.beta1

“Seccubus is a tool to automatically fire regular security scans with Nessus. Compare results of the current scan with the previous scan and report on the delta in a web interface. Main objective of the tool is to make repeated scans more efficient. It runs scans at regular intervals and compares the findings of the last scan with the findings of the previous scan. The results of this comparison are available in a web GUI. It effectively reduces the analysis time for subsequent scans of the same infrastructure by only reporting delta findings.

Official change log for Seccubus:

New features / Issues resolved:
With this release Seccubus goes into BETA phase. It also marks the end of active development for V1 (last current version is 1.5.5). It is still maintained at a minimum level, meaning that if bugs are found and they are not too complex to fix, they will be fixed, but no new features will be added to the V1 branch of the product.

GUI rewrite:

  • Old GUI is in /oldstyle
  • Complete GUI code was rewritten using JMVC framework
  • Those www api calls needed to make this current GUI work have been rewritten to JSON
  • New, less confusing, layout of Findings screen

Bigs fixed (tickets closed):

  • 49 – Incorrect status selection possible in GUI for Gone findings https://sourceforge.net/apps/trac/seccubus/ticket/49
  • 58 – Cannot give GONE findings the status CLOSED https://sourceforge.net/apps/trac/seccubus/ticket/58

The key differences between verison 1 and version 2 are:

  • Findings are stored in a relational database in stead of on the filesystem.
  • Seccubus uses XML RPC to communicatie with Nessus, this also means that it can communicate with both the professional feed and home feed version.
  • There is no need for the webserver to read files from the Seccubus user anymore.
  • Scans are organized into workspaces, allowing scans of the same kind, or same target to be group into a workspace and viewed together.

Download Seccubus-2.0.beta1:

Seccubus-2.0.beta1Seccubus-2.0.beta1.tar.gz/Seccubus-2.0.beta1-6.2.noarch.rpm - http://sourceforge.net/projects/seccubus/files/Seccubus_v2/Seccubus-2.0.beta1/

0

If you enjoyed this article, you might also like:

Tagged as: , , , , ,

{ 0 comments… add one now }

Leave a Comment

* Copy this password:

* Type or paste password here:

Previous post:

Next post: