Skip to content
/ deb_audit Public

Scanner to find vulnerable dependencies of debian packages

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

aaaart3m/deb_audit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
main.py
main.py
 
 

Repository files navigation

Package Vulnerability Scanner

This Python application is designed to scan Debian packages for potential vulnerabilities by analyzing their dependencies. It provides information about direct and transitive dependencies, checks for differences in the system state before and after installing the package, and identifies potential vulnerabilities using debsecan.

Installation

  1. Clone the repository:
git clone https://github.com/githeap1337/deb_audit.git
  1. Change into the application directory:
cd ./deb_audit
  1. Build the Docker image:
docker build -t deb_scanner .

Usage

Run the Docker container with the Debian package file to perform the vulnerability scan:

docker run -it --name deb_audit --rm -v ./<package_name>.deb:/app/files/<package_name>.deb deb_scanner /app/files/<package_name>.deb

Replace <package_name>.deb with the actual name of your Debian package file.

Dependencies

The application uses the following tools and libraries:

  • apt-rdepends: To retrieve package dependencies.
  • dpkg-dev: For extracting package information.
  • debsecan: For scanning vulnerabilities.
  • tabulate: For formatting the output in a tabular form.

Main Script - main.py

The main script provides the following functionalities:

  • create_temporary_directory: Creates a temporary directory named 'temp'.
  • delete_temporary_directory: Deletes the temporary directory.
  • get_package_info(filepath: str): Retrieves information about the Debian package from the control file.
  • get_dependency_info_tuple(dependency: str) -> tuple: Parses dependency information into a tuple.
  • get_direct_components(package_info: dict) -> dict: Retrieves direct dependencies from the package information.
  • get_transitive_components(direct_components: dict) -> dict: Retrieves transitive dependencies for each direct dependency.
  • check_diff_after_install(deb_file: str, architecture: str): Checks the system state difference before and after installing the Debian package.
  • parse_to_vulners_input_format(transitive_components: dict, architecture: str): Converts transitive dependencies into Vulners input format.
  • debsecan_scanning() -> dict: Runs debsecan to obtain information about Common Vulnerabilities and Exposures (CVEs).
  • check_vulnerability_in_dependencies(dependencies): Checks for vulnerabilities in the provided dependencies.
  • main(deb_file: str): The main function orchestrating the entire scanning process.

Note

Make sure to provide the path to the Debian package file as a command-line argument when running the application. If no argument is provided, a usage message will be displayed.

Feel free to customize the Dockerfile or the main script based on your specific requirements.

About

Scanner to find vulnerable dependencies of debian packages

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages