3 个仓库
Identifying missing security updates on a target system to uncover potential vulnerabilities.
Distinct from Update Detection: Existing candidates focus on software version detection or container-specific updates, not system-level security patch auditing.
Explore 3 awesome GitHub repositories matching security & cryptography · Missing Patch Detection. Refine with filters or upvote what's useful.
该项目是一套用于 Windows 漏洞评估和补丁管理审计的专用工具。它作为一个漏洞扫描器和漏洞利用建议工具,通过分析已安装的更新来识别缺失的安全补丁及其对应的已知漏洞。 该系统的独特之处在于,它将缺失的更新与整合后的漏洞数据库进行匹配,从而推荐特定的公开漏洞利用程序。它通过将远程安全公告同步到本地数据库,并将识别出的漏洞与官方更新目录进行交叉引用,来处理补丁替代关系并消除误报,从而保持准确性。 该工具提供了安全表面分析功能,允许用户通过基于严重程度的过滤和安装日期细化来优先处理高风险漏洞。它还包含一个数据库客户端,用于从多个远程源收集和同步安全定义更新。
Identifies missing security updates on target systems to uncover potential vulnerabilities.
Windows-Exploit-Suggester is a security analysis tool designed to audit patch levels and identify vulnerabilities on Windows hosts. It functions as a vulnerability scanner and patch level auditor that compares installed system hotfixes against Microsoft security bulletins to detect missing updates. The project maps these missing security updates to known public exploits and available Metasploit modules. It uses a vulnerability database interface to download and query external security bulletin data, linking specific unpatched vulnerabilities to viable exploit vectors. The tool's capabilities
Identifies missing security updates by comparing installed system hotfixes against a database of known updates.
Windows-Exploit-Suggester 是一个安全审计工具,旨在扫描 Windows 系统中的过时组件和缺失的安全补丁。它作为一个漏洞扫描器,将目标补丁级别与官方供应商安全公告进行比较,以识别安全漏洞。 该工具专注于漏洞利用映射,将识别出的缺失更新链接到已知的公共漏洞利用代码和可用的渗透测试模块。它通过将缺失的补丁与特定的漏洞标识符进行交叉引用,自动执行研究过程,以确定适用的攻击向量。 该系统包括远程补丁级别比较和启发式检测功能,以推断主机的状态。它通过同步机制保持准确性,该机制从供应商源下载并解析最新的安全数据,以更新其内部漏洞数据库。
Identifies missing security updates on a target system using versioning and patch metadata.