Software Vulnerability Scanner

This extension identifies vulnerable software versions and potentially exploitable paths by leveraging the Vulners.com vulnerability database. It automatically scans HTTP responses to detect software fingerprints and checks detected versions against known vulnerabilities, providing comprehensive security insights including CVEs, advisories, and available exploits.

Features

• Detects software versions through fingerprint analysis of HTTP responses
• Cross-references detected software versions with the Vulners.com vulnerability database
• Identifies potentially vulnerable URL paths that appear in known exploits
• Displays detailed vulnerability information including CVE identifiers, security advisories, and applicable exploits
• Provides tabbed interface for organizing results by software, vulnerabilities, and paths
• Offers configurable scanning rules and API key management

Usage

1. Configure your Vulners.com API key in the extension settings (premium accounts provide enhanced functionality)
2. The extension automatically scans HTTP responses as you browse or perform active scans
3. Review detected software versions in the Software tab
4. Examine identified vulnerabilities and their details in the Vulnerabilities tab
5. Check the Paths tab for URLs that may be vulnerable based on exploit databases
6. Click on any vulnerability entry to view detailed information including CVE details, severity ratings, and available exploits
7. Use the results to prioritize security testing and remediation efforts