This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Glossary

Vulnman consists of several components. These are presented in this section.

The Vulnman Server is the core component. This provides a REST API and a web interface for easy management of pentest assets during a penetration test.

Core

Vulnman introduces different components that you will see in the web interface or external tools. The components are explained below.

  • Client: Clients are the customers of your projects. Client contact information provided can be added to the pentest report.

  • Project: A project is the container of your assessment. It contains all tested assets, findings and reports.

  • Assets: Vulnman supports multiple assets that can be created through the REST-API or through the web interface. The following assets are supported:

    • Service
    • Host
    • Web Application
    • Web Request

  • Vulnerability Templates: Vulnerability templates are managed using a separate repository. This allows other external tools to introduce these templates too. These templates are used to derive basic information for your found vulnerabilities.

  • Vulnerability: A vulnerability is a security flaw that you found during the project. Vulnerabilities have a template. The default severity is inherited from the template but can be overwritten for each vulnerability.

1 - Responsible Disclosure Application

To Be Done