README.md (fb52991) - freewvs.git

v0.1.3

add cleaned up version of F... Hanno Böck authored 4 years ago	`1) # freewvs 2) 3) A local web vulnerability scanner. 4) 5) freewvs is a tool to search webroots for know vulnerable versions of web applications. 6)`
add some info from webpage... Hanno Böck authored 2 years ago	`7) ## install 8) 9) Install 10) 11) You can install [freewvs via pip](https://pypi.org/project/freewvs/): 12)`
format properly Hanno Böck authored 2 years ago	13) ``` 14) pip install freewvs 15) ```
add some info from webpage... Hanno Böck authored 2 years ago	`16) 17) Alternatively you can run freewvs directly from the git source. 18) 19) If you install via pip you need to update the freewvs database first: 20)`
format properly Hanno Böck authored 2 years ago	21) ``` 22) update-freewvsdb 23) ```
add some info from webpage... Hanno Böck authored 2 years ago	`24) 25) ## usage 26) 27) Just run freewvs with a path, e.g.: 28)`
format properly Hanno Böck authored 2 years ago	29) ```
add some info from webpage... Hanno Böck authored 2 years ago	`30) freewvs /var/www`
format properly Hanno Böck authored 2 years ago	31) ```
add some info from webpage... Hanno Böck authored 2 years ago	`32) 33) The output will be something like this: 34)`
format properly Hanno Böck authored 2 years ago	35) ``` 36) Joomla 3.9.11 (3.9.14) CVE-2019-19846 /var/www/example.org 37) nextcloud 14.0.1 (14.0.5) CVE-2019-5449 /var/www/cloud.example.org 38) MediaWiki 1.31.1 (1.31.6) CVE-2019-19709 /var/www/wiki.example.org 39) ```
add some info from webpage... Hanno Böck authored 2 years ago	`40)`
add cleaned up version of F... Hanno Böck authored 4 years ago	41) ## faq 42) 43) #### What does freewvs do? 44) 45) It scans your webroot for known vulnerable versions of popular web applications. 46) 47) #### What does the output tell me? 48) 49) Output looks like this: 50) 51) ``` 52) Joomla-3 3.9.11 (3.9.13) CVE-2019-18674 /home/joe/websites/joessite/ 53) ``` 54) 55) This says that in /home/joe/websites/joessite/, there's a Joomla installation of version 3.9.11. This version is 56) vulnerable to CVE-2019-18674 and you should update to version 3.9.13. 57) 58) #### CVE-2019-XXXX seems to be very minor, at least it doesn't affect me. Am I safe? 59) 60) No, as freewvs only checks for the latest vulnerabilities. There may be other vulnerabilities in your version not listed by freewvs. The only way to be sure is to check the upstream changelog. 61) 62) #### There is no version inside the brackets, what does that mean? 63) 64) It means your web application has not released a security update. Often this means the software is no longer developed. 65)
contributions file Hanno Böck authored 3 years ago	`66) ## contributions 67)`
fix markdown linK Hanno Böck authored 3 years ago	`68) See [CONTRIBUTIONS.md](CONTRIBUTIONS.md).`
contributions file Hanno Böck authored 3 years ago	`69)`
add cleaned up version of F... Hanno Böck authored 4 years ago	`70) ## misc 71) 72) freewvs was developed by [schokokeks.org hosting](https://schokokeks.org/). 73) 74) It's licensed as CC0. 75)`