Seccubus automates regular vulnerability scans with Nessus and OpenVAS and provides delta reporting.
Seccubus effectively reduces the analysis time for subsequent scans of the same infrastructure by only reporting delta findings.
Why?
Anyone who has ever used Nessus or OpenVAS will be familiar with one of their biggest drawbacks. They a very valuable tools, but unfortunately it is also very noisy. The time needed to report on the findings of a scan will often be two or three times the time needed to do the actual scan. Seccubus was created in order to more effectively analyze the results of regular vulnerability scans of the same infrastructure.
How does it work?
Seccubus runs vulnerability scans at regular intervals and compares the findings of the last scan with the findings of the previous scan. The delta of this scan is presented in a web GUI when findings can be easily marked as either real findings or non-issues. Non issues get ignored until they change. This causes a dramatically reduction a analysis time.
Seccubus 2.0.beta3 - The Black Hat edition
Tuesday, 13 March 2012 14:56 | 
Written by Frank Breedijk | 
Seccubus 2.0.beta3 released (a.k.a. The BlackHat edition)
At this moment I am presenting the new version of Seccubus a Black hat Europe, The Arsenal.
Seccubus 2.0.beta3 bring us one step closer to non-beta state and is packed with new features and fixes:
16-3-2012 - 2.0.beta3 (a.k.a. the Blackhat edition) ================================================== New features / Issues resolved ------------------------------ * Nessus5 tested and found compatilble * Findings can now be opened and edited individually * The edit finding dialog shows the change history of the finding * Long(ish) findings now render with a more link that allows you to expand the the finding, causing the findigns table to generally dispaly more compact. * Clarified the purpose of status buttons, filters and bul update form in GUI. * Added the capability to filter on severity, finding text and remark text * Added the ability for scan scripts to add attachments to runs * All scan scripts add attachments to runs * Script to convert Seccubus v1 data to V2 data adds attachments to runs * Scan history can now be viewed in the GUI and attachments can be dowloaded * IP numbers now sort correctly * Restyled status buttons and edit button * Removed www/oldstyle GUI * Removed Seccubus.Scan.List Bigs fixed (tickets closed): ---------------------------- 60 - Not all items from a Nikto scan appear to create a finding in Seccubus https://sourceforge.net/apps/trac/seccubus/ticket/60 62 - Default locations for config.xml does not include ~seccubus/etc/config.xml https://sourceforge.net/apps/trac/seccubus/ticket/62 67 - Links in top right of UI do nothing https://sourceforge.net/apps/trac/seccubus/ticket/67 71 - Scan result should "window shade" in the UI to hide lengthy text https://sourceforge.net/apps/trac/seccubus/ticket/71 75 - Bulk update: Comments only get added when you select overwrite https://sourceforge.net/apps/trac/seccubus/ticket/75 74 - Minor bugs in nmap2ivil when using nmap 5.21 https://sourceforge.net/apps/trac/seccubus/ticket/74
Last Updated (Friday, 16 March 2012 13:52)
Seccubus 2.0.beta2 releasedMonday, 30 January 2012 10:46 | Written by Frank Breedijk |
All, I’m proud to announce Seccubus 2.0.beta2. This version re-introduces the maintenance of Workspaces and Scans, features that we not ready in time for Beta1. If you are currently running Beta 1 or an alpha version; please upgrade. If you are running Seccubus v1 please consider upgrading. Release notes:
Last Updated (Monday, 30 January 2012 10:50) New milestone: Seccubus 2.0.beta1Sunday, 08 January 2012 21:32 | Written by Frank Breedijk |
Seccubus has reached Beta phaseAs of today, the 8th of January 2012, we released Seccubus 2.0.beta1, the first beta version of Seccubus. With this version Seccubus v1 is now officially no longer under active development. This means that no new features will be added and bug may, or may not, be fixed, depending on the urgency of the bug and the effort involved in fixing it. The key differences between verison 1 and version 2 are:
2011 InforgraphMonday, 02 January 2012 14:03 | Written by Frank Breedijk |
Here's an infograph for the year 2011. Happy 2012
Seccubus 2.0.alpha5 releasedWednesday, 23 November 2011 10:35 | Written by Frank Breedijk |
It’s has been quite for a while, but today we are releasing Seccubus 2.0.alpha5. This release marks the true start of the GUI rewrite using the JavascriptMVC framework (see: http://javascriptmvc.com/) so a lot of the changes in this release are not immediately visible to everyone. If you want to peek at the new GUI in progress, you can see it by appending ‘/seccubus/seccubus.html’ to your regular Seccubus url. 24-11-2011 - 2.0.alpha5 ======================= New features / Issues resolved ------------------------------ Perl compile tests and JMVC unit tests are now part to the build process In the RPM install files in the scanner directories did not run because of incorrect permissions (fixed) All scanners but Nessus were broken due to an untested fix by the author GUI rewrite ----------- New GUI is in /seccubus/seccubus.html First parts of the GUI rewritten using JMVC framework Updated JMVC to get more clear build errors Integrated JMVC building into the distribution building scripts Bugs fixed (tickets closed): ---------------------------- #55 - Spec file is missing dependancies https://sourceforge.net/apps/trac/seccubus/ticket/55 #56 - Scanner files not executable after install https://sourceforge.net/apps/trac/seccubus/ticket/56 #59 - Nikto scanner not running https://sourceforge.net/apps/trac/seccubus/ticket/59 |
- Seccubus-2.0.alpha4 - Yes, we can haz NMAP
- Seccubus-2.0.alpha3 RPMs uploaded
- Seccubus-2.0.alpha3 released
- Adding WikID systems dual factor authentication to Seccubus
- Seccubus 2.0.alpha2 RPMs posted to sourceforge
- Seccubus 2.0.alpha2 released
- Scan set up documentation
- Seccubus 2.0.alpha1 released
- Installing Seccubus V1 on Debian
- Seccubus v1.5.5
