We’ve added support for Qualys SSL Labs to Seccubus and fixed a few bugs:

This version has a new scanner Medusa! Thnx to Arkanoi

This version has a couple of bug fixes that are solved by Arkanoi and SphaZ, thank you guys.

This post will describe step by step how to configure Skipfish for Seccubus.

It appears that in the last release there was a small hiccup with the severity rating and is now fixed.
This version has one new big feature, it implements the Skipfish Web- application scanner.

It appears that in my last release I broken Seccubus in a horrible way. When you updated a finding, the screen wasn’t automatically updated anymore.

Just after the performance release of version 2.2 we bring you Seccubus version 2.3 which improves on v2.2 in three important ways.

• Version 2.2 introduced some bugs in the sorting of host fields and these bug have been removed
• Version 2.x had a database connection stability issue which is fixes
• Version 2.3 allows you to run Nmap and Nikto scans on remote hosts in addition to the local host

You can download the release from GitHub.

Here are the release notes:

19-10-2013 - 2.3 - Improved stability, Nmap and Nikto on remote hosts

Key new features / issues resolved

• Seccubus now checks the state of the DBI handle before performing queries
• Improved handling of Nessus 5.2 file format
• Fixed some issues related to the new backend filters

Bugs fixed (tickets closed):

• #62 - Would like to be able to run Nmap/Nikto/SSLyze scans on a remote host
• #84 - Nessus critical findings got severity 0
• #87 - Hostname ordering was weird because of wildards for hostnames
• #88 - ‘*’ is not selected in filters when no filter is given
• #89 - Scans fail to import due to database timeouts
• #90 - Hostnames are not sorted in filters, IP addresses are
• OBS build script now echos link to OBS project

I’m proud to announce the release of Seccubus 2.2 which fixes issue with Nessus 5.2.1 and later, unicode in .nessus files and brings a major performance increase.

This release can be downloaded from Github

Release notes:

15-10-2013 - 2.2 - Nessus 5.2.1, unicode and performance

Key new features / issues resolved

• Major performance increase by moving processing of sttus buttons and filters to backend
• Resolved an issue that cause incomptibility with Nessus API version 5.2.1 (Thanks Trelor)
• Resolved an issue around encoding of Unicode chracters in Nessus output
• Added shell script to execute crontab job only on a certain day
• Added shell script to execute crontab job only on a weeknumber that can be devided by a certain number
• Correct application of Apache license is now part of the unit tests
• Resolved some caching issues with IE

Bugs fixed (tickets closed):

• Issue #48 - Filters need to be processed in backend, not front end
• Issue #50 - Notification table not displayed on edit scan
• Issue #56 - IVIL conversion shell call needs qoutes around filename
• Issue #64 - New scan dialog shows ‘new workspace’ in title
• Issue #65 - Each CGI response header now invalidates caching
• Issue #66 - Username field too small
• Issue #72 - Apache license isn’t applied correctly
• Issue #75 - Typo: datatbase in ConfigTest.pl
• Issue #77 - Seccubus incompatible with Nessus API 5.2.1
• Issue #78 - Unicode in nessus file breaks ivil import
• Issue #86 - getFilters API
• Updated dependancies in RPM

Today we release Seccubus 2.1 a bugfix release for the 2.0 version of Seccubus.

You can download it here

Release notes:

02-02-2012 - 2.1 - Bugfix release

Key new features / issues resolved

• Bugfixes

Bigs fixed (tickets closed):

• Issue #50 & #51 - Scan notifications are not listed and cannot be editted
• Issue #52 - When running do-can with nmap as user seccubus with –sudo, chown on tmp files fails.
• Issue #53 - Broken path in debian package
• Issue #55 - Notifications table creates double header in certain cases

Seccubus V2 works with the following scanners:

• Nessus 4.x and 5.x (professional and home feed)
• OpenVAS
• Nikto
• NMap
• SSLyze