Main Menu
Thanks!
Login Form



welcome to the Seccubus site.

Seccubus automates regular vulnerability scans with Nessus and OpenVAS and provides delta reporting.

Seccubus effectively reduces the analysis time for subsequent scans of the same infrastructure by only reporting delta findings.

Why?

Anyone who has ever used Nessus or OpenVAS will be familiar with one of their biggest drawbacks. They a very valuable tools, but unfortunately it is also very noisy. The time needed to report on the findings of a scan will often be two or three times the time needed to do the actual scan. Seccubus was created in order to more effectively analyze the results of regular vulnerability scans of the same infrastructure.

How does it work?

Seccubus runs vulnerability scans at regular intervals and compares the findings of the last scan with the findings of the previous scan. The delta of this scan is presented in a web GUI when findings can be easily marked as either real findings or non-issues. Non issues get ignored until they change. This causes a dramatically reduction a analysis time.

Seccubus 2.0.beta2 released

PostDateIconMonday, 30 January 2012 10:46 | PostAuthorIconWritten by Frank Breedijk | PDF Print E-mail

All, I’m proud to announce Seccubus 2.0.beta2.

This version re-introduces the maintenance of Workspaces and Scans, features that we not ready in time for Beta1.

If you are currently running Beta 1 or an alpha version; please upgrade.

If you are running Seccubus v1 please consider upgrading.

Release notes:

 

Last Updated (Monday, 30 January 2012 10:50)

Read more...

 

New milestone: Seccubus 2.0.beta1

PostDateIconSunday, 08 January 2012 21:32 | PostAuthorIconWritten by Frank Breedijk | PDF Print E-mail

Seccubus has reached Beta phase

As of today, the 8th of January 2012, we released Seccubus 2.0.beta1, the first beta version of Seccubus.

With this version Seccubus v1 is now officially no longer under active development. This means that no new features will be added and bug may, or may not, be fixed, depending on the urgency of the bug and the effort involved in fixing it.

The key differences between verison 1 and version 2 are:

  • Findings are stored in a relational database in stead of on the filesystem.
  • Seccubus uses XML RPC to communicatie with Nessus, this also means that it can communicate with both the professional feed and home feed version.
  • There is no need for the webserver to read files from the Seccubus user anymore.
  • Scans are organized into workspaces, allowing scans of the same kind, or same target to be group into a workspace and viewed together.

Read more...

 

2011 Inforgraph

PostDateIconMonday, 02 January 2012 14:03 | PostAuthorIconWritten by Frank Breedijk | PDF Print E-mail

Here's an infograph for the year 2011.

Happy 2012

2011 infograph

 

Seccubus 2.0.alpha5 released

PostDateIconWednesday, 23 November 2011 10:35 | PostAuthorIconWritten by Frank Breedijk | PDF Print E-mail

It’s has been quite for a while, but today we are releasing Seccubus 2.0.alpha5. This release marks the true start of the GUI rewrite using the JavascriptMVC framework (see: http://javascriptmvc.com/) so a lot of the changes in this release are not immediately visible to everyone. If you want to peek at the new GUI in progress, you can see it by appending ‘/seccubus/seccubus.html’ to your regular Seccubus url.

You can download the new version from: https://sourceforge.net/projects/seccubus/files/Seccubus_v2/Seccubus-2.0.alpha5/ in tarball and rpm format.

Release notes:

24-11-2011 - 2.0.alpha5
=======================
New features / Issues resolved
------------------------------
Perl compile tests and JMVC unit tests are now part to the build process
In the RPM install files in the scanner directories did not run because of
incorrect permissions (fixed)
All scanners but Nessus were broken due to an untested fix by the author
 
GUI rewrite
-----------
New GUI is in /seccubus/seccubus.html
First parts of the GUI rewritten using JMVC framework
Updated JMVC to get more clear build errors
Integrated JMVC building into the distribution building scripts
 
Bugs fixed (tickets closed):
----------------------------
#55 - Spec file is missing dependancies
https://sourceforge.net/apps/trac/seccubus/ticket/55
#56 - Scanner files not executable after install
https://sourceforge.net/apps/trac/seccubus/ticket/56
#59 - Nikto scanner not running
https://sourceforge.net/apps/trac/seccubus/ticket/59
 

Seccubus-2.0.alpha4 - Yes, we can haz NMAP

PostDateIconTuesday, 13 September 2011 16:12 | PostAuthorIconWritten by Frank Breedijk | PDF Print E-mail

Long overdue, and mainly because Zate Berg would have otherwise used another tool ;) we now have support for NMAP in Seccubus v2.0

This release also adds support for compliancy scans from Nessus and som minor bug files.

Get it on our Source Forge download page.

 

Release notes:

13-09-2011 - 2.0.alpha4
New features / Issues resolved
* Nmap support
  Scanning with is supported from the same server that is running the Nessus
  Seccubus GUI
* The results of the Nessus Policy Compliance family of plugins is now
  supported
  These plugins are different in the sense that they return multiple results
  all direntified by a single pluginID

Bigs fixed (tickets closed):
#8 - Integrate nmap scans into Seccubus
https://sourceforge.net/apps/trac/seccubus/ticket/8
#50 - scanners/nessus/scan should give a clear error message when ruby is
not on system
http://sourceforge.net/apps/trac/seccubus/ticket/50

 

 

 
More Articles...
feed-image

Copyright © 2009 Schuberg Philis.
All Rights Reserved.

Joomla template created with Artisteer.