Asset and Vulnerability Management.
Asset Management
Sources of Asset Data
ARP Cache - Contains IP and MAC addresses
DHCP logs - IP addresses and Hostnames
NMAP Scans - IP Addresses, Open Ports, Running Services, Possibly operating system
Powershell commands - Just about everything
SNMP - Many things
Vulnerability Management Software
Windows Management Interface
EDR/IR Tools (Velociraptor)
Manangement Tools
http://netdisco.org/ - Netdisco is a web-based network management tool suitable for small to very large networks. IP and MAC address data is collected into a PostgreSQL database using SNMP, CLI, or device APIs.
https://www.rumble.run/product/overview/ - Simple, fast, and accurate asset inventory tracking utility.
MAC Address Lookup
MAC Vendor Lookup - Look up the vendor for a specific MAC Address
macvendors.com - Find MAC Address Vendors. Now.
macaddress.io - MAC address vendor lookup
maclookup.app - Find the vendor name of a device by entering an OUI or a MAC address
References
Defensive Security Handbook - pg. 13
Vulnerability Management
For Vulnerability Scanning Tools, please refer to:
Rapid7 Vulnerability & Exploit Database is a curated repository of vetted computer software exploits and exploitable vulnerabilities. Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM.
InsightVM is a data-rich resource that can amplify the other solutions in your tech stack, from SIEMs and firewalls to ticketing systems. Only InsightVM integrates with 40+ other leading technologies, and with an open RESTful API, your vulnerability data makes your other tools more valuable.
NIST NVD - National Vulnerability Database
MITRE CVE - Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities
GitHub Advisory Database - Security vulnerability database inclusive of CVEs and GitHub originated security advisories
cloudvulndb.org - The Open Cloud Vulnerability & Security Issue Database
osv.dev - Open Source Vulnerabilities
Vulners.com - Your Search Engine for Security Intelligence
opencve.io - Easiest way to track CVE updates and be alerted about new vulnerabilities
security.snyk.io - Open Source Vulnerability Database
Mend Vulnerability Database - The largest open source vulnerability DB
CVEDetails - The ultimate security vulnerability datasource
VulnIQ - Vulnerability intelligence and management solution
SynapsInt - The unified OSINT research tool
Aqua Vulnerability Database - Vulnerabilities and weaknesses in open source applications and cloud native infrastructure
Vulmon - Vulnerability and exploit search engine
VulDB - Number one vulnerability database
Defensive Security Handbook: Vulnerability Management - pg. 169
OpenScap
The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines. The tool is charecterized for its great flexibility and interoperability, reducing the costs of performing security audits.
Latest compiled SCAP packages: https://github.com/ComplianceAsCode/content/releases/tag/v0.1.50
Github Repo: https://github.com/ComplianceAsCode/content
oscapcmdline tool user manual: http://static.open-scap.org/openscap-1.2/oscap_user_manual.htmlGreat Red Hat Documentation on OpenSCAP: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-scanning_the_system_in_oscap
Other Vuln management platforms
https://github.com/deepfence/ThreatMapper - Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
https://github.com/infobyte/faraday - Open Source Vulnerability Management Platform
Last updated
