search

minvws / nl-kat-coordination

OpenKAT scans networks, finds vulnerabilities and creates accessible reports. It integrates the most widely used network tools and scanning software into a modular framework, accesses external databases such as shodan, and combines the information from all these sources into clear reports. It also includes lots of cat hair.
https://openkat.nl
European Union Public License 1.2
126 stars 58 forks source link

62. Provide testing/verification guidance for widely exploited CVEs using trusted frameworks #3087

Open madelondohmen opened 4 months ago

madelondohmen commented 4 months ago

About this feature

Detailed description

Add detailed description of the new feature you'd like to propose. If this feature is related to a problem, what problem does it solve?

Scope

Out of scope

Related tickets

underdarknl commented 5 days ago

The last remaining plugins have been moved to containers. This allows us to add a 'rerun this locally' snippet for users which allows them to validate the data KAT produced. Remediation for most KAT-findings have been added, remediation for CVE's hinges on finding a quality source. We have not been given a reasonable source as of yet. This source was to be delivered in Feb 2024. There seems to be no reasonable(free) source available that contains better information than 'upgrade your software' for 95% or more of the CVE's.