HackerStorm Open Source Vulnerability Database
The HackerStorm Open Source Vulnerability Database (OSVDB) tool is a web-based utility (runs in a web browser) that enables you to research vulnerabilities associated with various software companies, such as Microsoft, Mozilla, Red Hat, etc. You simply download the tool and the associated vulnerability database and you use the Flash-based graphical user interface (GUI) to get the details on vulnerabilities based on software vendor.
Unfortunately this project appears to have fallen by the wayside as it has not been updated in quite some time. The latest HackerStorm database dates from 30 April 2010. The HackerStorm blog has only been updated once since 9 May 2009. Currently the latest vulnerability for Mozilla products in the OSVDB dates to March 2010; the latest vulnerability for Red Hat dates to August 2009. Clearly there have been more exploits for Mozilla and Red Hat products discovered since these dates. Therefore bear in mind that at the present, the HackerStorm OSVDB will not display vulnerabilities that were discovered after April 2010.
To install the HackerStorm OSVDB, first create a folder to hold all its files, such as
Next, download the HackerStorm OSVDB GUI .zip file and extract its contents into the HackerStorm file you just created.
Then return to the OSVDB page and download the XML vulnerability which is in tar.bz2 format. Extract this file into the HackerStorm folder as well.
In the HackerStorm folder you will see a start.html file. Open it with your browser and you will be presented with the OSVDB main interface. Click the ‘OSVDB SEARCH’ button.
Scroll down through the vendor name and select Microsoft Corporation, then click View. To see all Microsoft vulnerabilities, click ‘View All’. Wait a few seconds as all the Microsoft database entries load and are displayed in the GUI.
If during your use of the OSVDB you get a notification that Flash has blocked Internet access, click Settings, Advanced Tab, then Trusted Location Settings. Then click Add, Add Folder, and choose the
C:\Users\username\HackerStorm folder. The OSVDB will now be free to connect to HackerStorm.com to download content.
If you found the content of this article helpful and want to expand your knowledge further, please consider buying a relevant book using the links below. Thanks!
From the author of HackerStorm: