Slooth is an advanced vulnerability management system designed to help organizations stay ahead of security threats. By leveraging the Python NVD API wrapper and a REST API, Slooth fetches and organizes data about Common Vulnerabilities and Exposures (CVEs). It provides a unique identifier, the CVE ID, for stakeholders to discuss and research specific vulnerabilities.
Slooth is built with Python 3 and Flask, and uses a frontend created with HTML, CSS, and JavaScript. It uses OpenCVE's REST API for querying CVEs and manages data across 9 database tables:
- Company Table: Stores registering organization’s information
- System Log Table: Logs all user activities
- Vendor Table: Stores vendor names in the company's inventory
- Product Table: Keeps record of vendor systems in the company's inventory
- Work_log Table: Logs vulnerabilities assigned to engineers
- Added_CVE Table: Stores vulnerabilities added to the inventory
- Comments Table: Stores engineering notes for each CVE
- Temp_account Table: Manages new accounts with temporary passwords or password reset accounts
- Users Table: Keeps record of all user accounts

Python libraries and modules used:
- nvdlib
- datetime
- secrets
- re
- flask_session
- flask_wtf
- json
- string
- Jinja2
- functools

Getting started:
- Create a user account; it's recommended to also create an engineer account for IT security personnel. A temporary password will be sent to the user's email upon account creation.
- Add all systems in the environment to the account for tracking.
- Start searching for CVEs using one of the multiple query options available.
- Add relevant CVEs to your organization's inventory using an administrator account.
- Assign CVEs to engineers through the ticketing system and track progress through the dashboard.

Features:
- CVE Search: Input a specific CVE number or a date range for a list of CVEs within the specified period (maximum 120 days). For more targeted results, add keywords to your date range query.
- Adding Systems: Use Slooth as a ticketing system to track and assign CVEs to security engineers. Administrators can view all unassigned vulnerabilities in the dashboard and assign them accordingly.
- Dashboard: Provides a comprehensive view of your organization's vulnerabilities and their status, as well as ticket assignments per engineer.

Planned improvements:
- Admin password reset feature
- News feed dashboard with recently released CVEs relevant to clients
- Email/text notification of CVEs
- Group ticket assignment feature
- Transition from CS50 SQL to SQL Alchemy
- Server deployment
- Mobile app alternative
- Expanded ticketing form for work file uploads and additional user input
- Revamped dashboard with statistical details (e.g., average resolution time, scorecard based on CVE severity, and more)
- Improved search algorithm
- "Bypassing" API date range limitations
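
The 120-day maximum on date range searches and the "Bypassing" API date range limitations item above both come down to splitting a long range into windows that each stay within the limit and merging the results. The sketch below is an added example, not Slooth's own code: `fetch` is a hypothetical callable standing in for the real API query, and `fake_fetch` with its sample records is constructed so the example runs offline.

```python
from datetime import datetime, timedelta

MAX_WINDOW = timedelta(days=120)  # per-query limit stated on this page

def split_range(start, end, max_window=MAX_WINDOW):
    """Return contiguous (start, end) windows, each no longer than max_window."""
    if end < start:
        raise ValueError("end date precedes start date")
    windows, cursor = [], start
    while True:
        window_end = min(cursor + max_window, end)
        windows.append((cursor, window_end))
        if window_end >= end:
            return windows
        cursor = window_end  # windows share a boundary; duplicates are merged later

def search_long_range(start, end, fetch, keyword=None):
    """Query each window via fetch() and merge results, de-duplicated by CVE ID."""
    merged = {}
    for win_start, win_end in split_range(start, end):
        for record in fetch(win_start, win_end, keyword):
            merged.setdefault(record["id"], record)
    return sorted(merged.values(), key=lambda r: r["published"])

# Constructed sample records (placeholder IDs, not real CVEs).
SAMPLE = [
    {"id": "CVE-0000-0001", "published": datetime(2023, 2, 10), "description": "Buffer overflow in ExampleRouter"},
    {"id": "CVE-0000-0002", "published": datetime(2023, 5, 1), "description": "SQL injection in ExampleCMS"},
    {"id": "CVE-0000-0003", "published": datetime(2023, 9, 15), "description": "Auth bypass in ExampleRouter"},
    {"id": "CVE-0000-0004", "published": datetime(2024, 1, 5), "description": "XSS in ExampleCMS"},
]

def fake_fetch(win_start, win_end, keyword=None):
    """Hypothetical stand-in for the real API call; rejects oversized ranges."""
    if win_end - win_start > MAX_WINDOW:
        raise ValueError("date range exceeds 120 days")
    return [r for r in SAMPLE
            if win_start <= r["published"] <= win_end
            and (keyword is None or keyword.lower() in r["description"].lower())]

if __name__ == "__main__":
    for rec in search_long_range(datetime(2023, 1, 1), datetime(2023, 12, 31), fake_fetch):
        print(rec["id"], rec["published"].date())
```

Because adjacent windows share a boundary timestamp, a CVE published exactly on that boundary is returned twice; keying the merge on the CVE ID keeps it from appearing twice in the inventory.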

Contributions, issues, and feature requests are welcome! Feel free to check the [issues page](link to the issues page).