Display exploit codes information for each detected CVE-IDs (#729 )

* add exploit * bug fix while loading config in TUI, display in format-full-text * fix readme
fix(gost): a bug of parseCwe (#726 )
2018-11-03 16:36:59 +09:00 · 2018-10-29 21:21:20 +09:00 · 2018-10-29 16:27:54 +09:00 · 2018-10-29 16:26:20 +09:00 · 2018-10-18 13:37:17 +09:00 · 2018-10-10 17:43:26 +09:00
30 changed files with 1013 additions and 213 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,7 +1,7 @@
 language: go

 go:
-  - "1.11"
+  - "1.11.x"

 after_success:
  - test -n "$TRAVIS_TAG" && curl -sL https://git.io/goreleaser | bash
--- a/2
+++ b/2
@@ -39,7 +39,7 @@ install: main.go dep pretest


 lint:
-	@ go get -v github.com/golang/lint/golint
+	@ go get -v golang.org/x/lint/golint
 	golint $(PKGS)

 vet:
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -2,18 +2,18 @@


 [[projects]]
-  digest = "1:46ea9487304f4b3c787f54483ecb13a338d686dcd670db0ab1a112ed0ae2128e"
+  digest = "1:2f806c4d4e9dee6f144c59099abfa9243a42a8ad9fe0d648273f6f192de6174a"
  name = "github.com/Azure/azure-sdk-for-go"
  packages = [
    "storage",
    "version",
  ]
  pruneopts = "UT"
-  revision = "4e8cbbfb1aeab140cd0fa97fd16b64ee18c3ca6a"
-  version = "v19.1.0"
+  revision = "ef9744da754d0cf00d0cfeae7d1a83f2245a4b1c"
+  version = "v21.2.0"

 [[projects]]
-  digest = "1:327b9226c8ea5f1cd9952ba859bb7c335cab40fd8781c4a790ef259b0c5fbc40"
+  digest = "1:1fe87891e29a291377b0b2224b99fd857553dff7dce8a6ffb5fda003ce52a8b0"
  name = "github.com/Azure/go-autorest"
  packages = [
    "autorest",
@@ -24,16 +24,24 @@
    "version",
  ]
  pruneopts = "UT"
-  revision = "39013ecb48eaf6ced3f4e3e1d95515140ce6b3cf"
-  version = "v10.15.2"
+  revision = "4b7f49dc5db2e1e6d528524d269b4181981a7ebf"
+  version = "v11.1.1"

 [[projects]]
-  digest = "1:b16fbfbcc20645cb419f78325bb2e85ec729b338e996a228124d68931a6f2a37"
+  digest = "1:9f3b30d9f8e0d7040f729b82dcbc8f0dead820a133b3147ce355fc451f32d761"
  name = "github.com/BurntSushi/toml"
  packages = ["."]
  pruneopts = "UT"
-  revision = "b26d9c308763d68093482582cea63d69be07a0f0"
-  version = "v0.3.0"
+  revision = "3012a1dbe2e4bd1391d42b32f0577cb7bbc7f005"
+  version = "v0.3.1"
+
+[[projects]]
+  branch = "master"
+  digest = "1:bb6c15391e666c4f44bdc604772301b93102233ed687be6df6d1c2abbde4f15c"
+  name = "github.com/RackSec/srslog"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "a4725f04ec91af1a91b380da679d6e0c2f061e59"

 [[projects]]
  digest = "1:320e7ead93de9fd2b0e59b50fd92a4d50c1f8ab455d96bc2eb083267453a9709"
@@ -44,7 +52,7 @@
  version = "v9"

 [[projects]]
-  digest = "1:4f8b94c4cb403af4e7834e2a6455a25a5209dc61771b0d24a820ae9ae30f3f74"
+  digest = "1:b75da992f409ab285c5c2d57869d3df50e1d6869d25bee46bb04571a81db53d9"
  name = "github.com/aws/aws-sdk-go"
  packages = [
    "aws",
@@ -64,6 +72,7 @@
    "aws/request",
    "aws/session",
    "aws/signer/v4",
+    "internal/s3err",
    "internal/sdkio",
    "internal/sdkrand",
    "internal/sdkuri",
@@ -80,8 +89,8 @@
    "service/sts",
  ]
  pruneopts = "UT"
-  revision = "4324bc9d8865bdb3e6aa86ec7772ca1272d2750e"
-  version = "v1.15.21"
+  revision = "66832f7f150914a46ffbfc03210f3b9cb0e4c005"
+  version = "v1.15.57"

 [[projects]]
  digest = "1:0f98f59e9a2f4070d66f0c9c39561f68fcd1dc837b22a852d28d0003aebd1b1e"
@@ -132,15 +141,15 @@
  version = "v1.4.7"

 [[projects]]
-  digest = "1:5abd6a22805b1919f6a6bca0ae58b13cef1f3412812f38569978f43ef02743d4"
+  digest = "1:15e27372d379b45b18ac917b9dafc45c45485239490ece18cca97a12f9591146"
  name = "github.com/go-ini/ini"
  packages = ["."]
  pruneopts = "UT"
-  revision = "5cf292cae48347c2490ac1a58fe36735fb78df7e"
-  version = "v1.38.2"
+  revision = "9c8236e659b76e87bf02044d06fde8683008ff3e"
+  version = "v1.39.0"

 [[projects]]
-  digest = "1:ad9585b1b4361cbe8e7d8cc31af82ef5f597b9243909daa16f2c225b8af68c46"
+  digest = "1:7c2fd446293ff7799cc496d3446e674ee67902d119f244de645caf95dff1bb98"
  name = "github.com/go-redis/redis"
  packages = [
    ".",
@@ -153,8 +162,8 @@
    "internal/util",
  ]
  pruneopts = "UT"
-  revision = "1614e579ed966441b8e0c3ccea1dd0fbbd93a6ae"
-  version = "v6.14.0"
+  revision = "f3bba01df2026fc865f7782948845db9cf44cf23"
+  version = "v6.14.1"

 [[projects]]
  digest = "1:adea5a94903eb4384abef30f3d878dc9ff6b6b5b0722da25b82e5169216dfb61"
@@ -174,19 +183,19 @@

 [[projects]]
  branch = "master"
-  digest = "1:b264547c40314ec7619d2cf264e2621953843be7242c140efe1e3119f93877f4"
+  digest = "1:df265b7f54410945dad5cf5979d91461b9fa7ff9b397ab58d2d577002a8a0e24"
  name = "github.com/google/subcommands"
  packages = ["."]
  pruneopts = "UT"
-  revision = "5bae204cdfb2d92dcc333d56014bae6a2f6c58b1"
+  revision = "46f0354f63152e8801bb460d26f5b6c4c878efbb"

 [[projects]]
-  digest = "1:cee8e8ac80df6373e7daa11baf1f98c1b6f7242c49ccae7e1ec34a971dc408d9"
+  digest = "1:7b5c6e2eeaa9ae5907c391a91c132abfd5c9e8a784a341b5625e750c67e6825d"
  name = "github.com/gorilla/websocket"
  packages = ["."]
  pruneopts = "UT"
-  revision = "3ff3320c2a1756a3691521efc290b4701575147c"
-  version = "v1.3.0"
+  revision = "66b9c49e59c6c48f0ffce28c2d8b8a5678502c6d"
+  version = "v1.4.0"

 [[projects]]
  branch = "master"
@@ -200,6 +209,14 @@
  pruneopts = "UT"
  revision = "36ee7e946282a3fb1cfecd476ddc9b35d8847e42"

+[[projects]]
+  branch = "master"
+  digest = "1:8dbe76014be3c83806abc61befcb5e1789d2d872bc8f98a8fb955405550c63be"
+  name = "github.com/grokify/html-strip-tags-go"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "e9e44961e26f513866063f54bf85070db95600f7"
+
 [[projects]]
  digest = "1:77395dd3847dac9c45118c668f5dab85aedf0163dc3b38aea6578c5cf0d502f9"
  name = "github.com/hashicorp/go-version"
@@ -280,12 +297,12 @@
  revision = "0b12d6b5"

 [[projects]]
-  digest = "1:8e791db9ac7ec7eddd1f643be51d2dd66bb7093a92e86e3cbd22ddbeaad4d95b"
+  digest = "1:114ecad51af93a73ae6781fd0d0bc28e52b433c852b84ab4b4c109c15e6c6b6d"
  name = "github.com/jroimartin/gocui"
  packages = ["."]
  pruneopts = "UT"
-  revision = "4e9ce9a8e26f2ef33dfe297dbdfca148733b6b9b"
-  version = "v0.3.0"
+  revision = "c055c87ae801372cd74a0839b972db4f7697ae5f"
+  version = "v0.4.0"

 [[projects]]
  digest = "1:16dd6b893b78a50564cdde1d9f7ea67224dece11bb0886bd882f1dc3dc1d440d"
@@ -324,7 +341,8 @@
  revision = "74609b86c936dff800c69ec89fcf4bc52d5f13a4"

 [[projects]]
-  digest = "1:7f4a6b4726da539e615256d19381f7c7326255f80ec19cdbeedcc4d9d57e1831"
+  branch = "master"
+  digest = "1:784bbde718d6f806578d929df8ad88a24817ca4fea5ce498165f46ff238d0deb"
  name = "github.com/knqyf263/gost"
  packages = [
    "config",
@@ -333,11 +351,19 @@
    "util",
  ]
  pruneopts = "UT"
-  revision = "e926a00c01bead2152ea43026159ec5cee7ca998"
-  version = "v0.1.0"
+  revision = "920046ad61b30ed1d554140c85daaa9e3ed2ca9e"

 [[projects]]
-  digest = "1:a0936d2be9f1dfa483fb8c2251453a9202dca2a374b1e42c7d75036a87d1c69d"
+  digest = "1:0a69a1c0db3591fcefb47f115b224592c8dfa4368b7ba9fae509d5e16cdc95c8"
+  name = "github.com/konsorten/go-windows-terminal-sequences"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "5c8c8bd35d3832f5d134ae1e1e375b69a4d25242"
+  version = "v1.0.1"
+
+[[projects]]
+  branch = "master"
+  digest = "1:336333e5514fc6178cdb4245f64cc34f9c0212daa523a5267e357a7535d5470f"
  name = "github.com/kotakanbe/go-cve-dictionary"
  packages = [
    "config",
@@ -346,8 +372,7 @@
    "models",
  ]
  pruneopts = "UT"
-  revision = "01c566055f7231f55f8551a2ae69569e0a4b9641"
-  version = "v0.2.0"
+  revision = "bff11c4b0f9d2915f21f49d4530c99033898dbca"

 [[projects]]
  digest = "1:54d3c90db1164399906830313a6fce7770917d7e4a12da8f2d8693d18ff5ef27"
@@ -386,8 +411,8 @@
    "log",
  ]
  pruneopts = "UT"
-  revision = "d6898124de917583f5ff5592ef931d1dfe0ddc05"
-  version = "0.2.6"
+  revision = "2a618302b929cc20862dda3aa6f02f64dbe740dd"
+  version = "v0.2.7"

 [[projects]]
  digest = "1:b18ffc558326ebaed3b4a175617f1e12ed4e3f53d6ebfe5ba372a3de16d22278"
@@ -426,12 +451,12 @@
  version = "v0.0.9"

 [[projects]]
-  digest = "1:d4d17353dbd05cb52a2a52b7fe1771883b682806f68db442b436294926bbfafb"
+  digest = "1:0981502f9816113c9c8c4ac301583841855c8cf4da8c72f696b3ebedf6d0e4e5"
  name = "github.com/mattn/go-isatty"
  packages = ["."]
  pruneopts = "UT"
-  revision = "0360b2af4f38e8d38c7fce2a9f4e702702d73a39"
-  version = "v0.0.3"
+  revision = "6ca4dbf54d38eea1a992b3c722a76a5d1c4cb25c"
+  version = "v0.0.4"

 [[projects]]
  digest = "1:cdb899c199f907ac9fb50495ec71212c95cb5b0e0a8ee0800da0238036091033"
@@ -466,12 +491,12 @@
  version = "v1.0.0"

 [[projects]]
-  digest = "1:645110e089152bd0f4a011a2648fbb0e4df5977be73ca605781157ac297f50c4"
+  digest = "1:53bc4cd4914cd7cd52139990d5170d6dc99067ae31c56530621b18b35fc30318"
  name = "github.com/mitchellh/mapstructure"
  packages = ["."]
  pruneopts = "UT"
-  revision = "fa473d140ef3c6adf42d6b391fe76707f1f243c8"
-  version = "v1.0.0"
+  revision = "3536a929edddb9a5b34bd6861dc4a9647cb459fe"
+  version = "v1.1.2"

 [[projects]]
  branch = "master"
@@ -482,12 +507,27 @@
  revision = "9ac6cf4d929b2fa8fd2d2e6dec5bb0feb4f4911d"

 [[projects]]
-  digest = "1:ace662a36243b5cdc2f71e654175dc192f903fafbf3411a95bc910c1cad53ce7"
-  name = "github.com/nlopes/slack"
-  packages = ["."]
+  branch = "master"
+  digest = "1:c72d41e2be29143a802361f175f9eafe81ecd35119b80b7673bb3e997b086687"
+  name = "github.com/mozqnet/go-exploitdb"
+  packages = [
+    "db",
+    "models",
+    "util",
+  ]
  pruneopts = "UT"
-  revision = "0db1d5eae1116bf7c8ed96c6749acfbf4daaec3e"
-  version = "v0.3.0"
+  revision = "b359807ea9b24f7ce80d1bfa02ffca5ed428ffb5"
+
+[[projects]]
+  digest = "1:95d38d218bf2290987c6b0e885a9f0f2d3d3239235acaddca01c3fe36e5e5566"
+  name = "github.com/nlopes/slack"
+  packages = [
+    ".",
+    "slackutilsx",
+  ]
+  pruneopts = "UT"
+  revision = "b9033a72a20bf84563485e86a2adbea4bf265804"
+  version = "v0.4.0"

 [[projects]]
  branch = "master"
@@ -499,11 +539,11 @@

 [[projects]]
  branch = "master"
-  digest = "1:4daa045e1e1f3e23f4b07db6880cdf9f259dab65312dfe244a878e6070faaf77"
+  digest = "1:f611266e3ac01ab4adb6f1d67f6c1be82998d02f452faff450596658712d860b"
  name = "github.com/olekukonko/tablewriter"
  packages = ["."]
  pruneopts = "UT"
-  revision = "d4647c9c7a84d847478d890b816b7d8b62b0b279"
+  revision = "be2c049b30ccd4d3fd795d6bf7dce74e42eeedaa"

 [[projects]]
  digest = "1:d776f3e95774a8719f2e57fabbbb33103035fe072dcf6f1864f33abd17b753e5"
@@ -530,12 +570,12 @@
  version = "v0.8.0"

 [[projects]]
-  digest = "1:9a6f766efd8d5752adb7052aebb6e3d85255b31a8dff5e58ab4efa740ba9efa0"
+  digest = "1:1a23fdd843129ef761ffe7651bc5fe7c5b09fbe933e92783ab06cc11c37b7b37"
  name = "github.com/rifflock/lfshook"
  packages = ["."]
  pruneopts = "UT"
-  revision = "bf539943797a1f34c1f502d07de419b5238ae6c6"
-  version = "v2.3"
+  revision = "b9218ef580f59a2e72dad1aa33d660150445d05a"
+  version = "v2.4"

 [[projects]]
  digest = "1:274f67cb6fed9588ea2521ecdac05a6d62a8c51c074c1fccc6a49a40ba80e925"
@@ -547,22 +587,22 @@

 [[projects]]
  branch = "master"
-  digest = "1:61ada1b10eccab5329199eaad8fc94048ed689969130010f592a6cc15f9afe39"
+  digest = "1:b17bd7b89f445e9c4b82f6144a8fe41e60d921fbe4279f669f9464b277927254"
  name = "github.com/sirupsen/logrus"
  packages = ["."]
  pruneopts = "UT"
-  revision = "49fbef4694fb220643e975c02c9547a1cda57c26"
+  revision = "680f584d621da87ee04ea659130e149ba9d23cae"

 [[projects]]
-  digest = "1:bd1ae00087d17c5a748660b8e89e1043e1e5479d0fea743352cda2f8dd8c4f84"
+  digest = "1:6a4a11ba764a56d2758899ec6f3848d24698d48442ebce85ee7a3f63284526cd"
  name = "github.com/spf13/afero"
  packages = [
    ".",
    "mem",
  ]
  pruneopts = "UT"
-  revision = "787d034dfe70e44075ccc060d346146ef53270ad"
-  version = "v1.1.1"
+  revision = "d40851caa0d747393da1ffb28f7f9d8b4eeffebd"
+  version = "v1.1.2"

 [[projects]]
  digest = "1:516e71bed754268937f57d4ecb190e01958452336fa73dbac880894164e91c1f"
@@ -573,36 +613,36 @@
  version = "v1.2.0"

 [[projects]]
-  branch = "master"
-  digest = "1:8a020f916b23ff574845789daee6818daf8d25a4852419aae3f0b12378ba432a"
+  digest = "1:68ea4e23713989dc20b1bded5d9da2c5f9be14ff9885beef481848edd18c26cb"
  name = "github.com/spf13/jwalterweatherman"
  packages = ["."]
  pruneopts = "UT"
-  revision = "14d3d4c518341bea657dd8a226f5121c0ff8c9f2"
+  revision = "4a4406e478ca629068e7768fc33f3f044173c0a6"
+  version = "v1.0.0"

 [[projects]]
-  digest = "1:dab83a1bbc7ad3d7a6ba1a1cc1760f25ac38cdf7d96a5cdd55cd915a4f5ceaf9"
+  digest = "1:c1b1102241e7f645bc8e0c22ae352e8f0dc6484b6cb4d132fa9f24174e0119e2"
  name = "github.com/spf13/pflag"
  packages = ["."]
  pruneopts = "UT"
-  revision = "9a97c102cda95a86cec2345a6f09f55a939babf5"
-  version = "v1.0.2"
+  revision = "298182f68c66c05229eb03ac171abe6e309ee79a"
+  version = "v1.0.3"

 [[projects]]
-  digest = "1:4fc8a61287ccfb4286e1ca5ad2ce3b0b301d746053bf44ac38cf34e40ae10372"
+  digest = "1:214775c11fd26da94a100111a62daa25339198a4f9c57cb4aab352da889f5b93"
  name = "github.com/spf13/viper"
  packages = ["."]
  pruneopts = "UT"
-  revision = "907c19d40d9a6c9bb55f040ff4ae45271a4754b9"
-  version = "v1.1.0"
+  revision = "2c12c60302a5a0e62ee102ca9bc996277c2f64f5"
+  version = "v1.2.1"

 [[projects]]
-  branch = "master"
  digest = "1:c468422f334a6b46a19448ad59aaffdfc0a36b08fdcc1c749a0b29b6453d7e59"
  name = "github.com/valyala/bytebufferpool"
  packages = ["."]
  pruneopts = "UT"
  revision = "e746df99fe4a3986f4d4f79e13c1e0117ce9c2f7"
+  version = "v1.0.0"

 [[projects]]
  branch = "master"
@@ -622,7 +662,7 @@

 [[projects]]
  branch = "master"
-  digest = "1:6019f7d49498f02cd589d41db388e11470de1f218a0a534c52353788684d8cd9"
+  digest = "1:1e63ada43d2806f05965163d1b7d0de9366d60a9077eb1b0c3618156b445e713"
  name = "golang.org/x/crypto"
  packages = [
    "curve25519",
@@ -636,11 +676,11 @@
    "ssh/terminal",
  ]
  pruneopts = "UT"
-  revision = "614d502a4dac94afa3a6ce146bd1736da82514c6"
+  revision = "0c41d7ab0a0ee717d4590a44bcb987dfd9e183eb"

 [[projects]]
  branch = "master"
-  digest = "1:357e8a9010dc590929a02bc5602c058acea216e4c46089755e618a5a59789604"
+  digest = "1:fa44bfbd6a531dbb03a45ba46765f876abd24579fcf6d1b64b8546b98a00f15b"
  name = "golang.org/x/net"
  packages = [
    "context",
@@ -648,18 +688,18 @@
    "publicsuffix",
  ]
  pruneopts = "UT"
-  revision = "8a410e7b638dca158bf9e766925842f6651ff828"
+  revision = "04a2e542c03f1d053ab3e4d6e5abcd4b66e2be8e"

 [[projects]]
  branch = "master"
-  digest = "1:0dafafed83f125cdc945a014b2dec15e5b5d8cd2d77a2d1e3763120b08ab381b"
+  digest = "1:f5aa274a0377f85735edc7fedfb0811d3cbc20af91633797cb359e29c3272271"
  name = "golang.org/x/sys"
  packages = [
    "unix",
    "windows",
  ]
  pruneopts = "UT"
-  revision = "4910a1d54f876d7b22162a85f4d066d3ee649450"
+  revision = "fa43e7bc11baaae89f3f902b2b4d832b68234844"

 [[projects]]
  digest = "1:a2ab62866c75542dd18d2b069fec854577a20211d7c0ea6ae746072a1dccdd18"
@@ -689,8 +729,8 @@
  name = "google.golang.org/appengine"
  packages = ["cloudsql"]
  pruneopts = "UT"
-  revision = "b1f26356af11148e710935ed1ac8a7f5702c7612"
-  version = "v1.1.0"
+  revision = "ae0ab99deb4dc413a2b4bd6c8bdd0eb67f1e4d06"
+  version = "v1.2.0"

 [[projects]]
  digest = "1:e626376fab8608a972d47e91b3c1bbbddaecaf1d42b82be6dcc52d10a7557893"
@@ -701,12 +741,12 @@
  version = "v1.1.1"

 [[projects]]
-  digest = "1:d8cd4f14785b5ae65100524a29ebba8b9dfc5401020fe7504f80b438bb8e8e0d"
+  digest = "1:50ec2f81389fbc7a1e496e1d1dc07adfe080fd15e015e9ba0e08ddaf1d4635ef"
  name = "gopkg.in/cheggaaa/pb.v1"
  packages = ["."]
  pruneopts = "UT"
-  revision = "2af8bbdea9e99e83b3ac400d8f6b6d1b8cbbf338"
-  version = "v1.0.25"
+  revision = "007b75a044e968336a69a6c0c617251ab62ac14c"
+  version = "v1.0.26"

 [[projects]]
  digest = "1:256938e7d43c73bd5e7bb97dd281d1ebe294b2928403ee1fbec96249915d1150"
@@ -733,12 +773,12 @@
  version = "v0.0.9"

 [[projects]]
-  digest = "1:d4d17353dbd05cb52a2a52b7fe1771883b682806f68db442b436294926bbfafb"
+  digest = "1:0981502f9816113c9c8c4ac301583841855c8cf4da8c72f696b3ebedf6d0e4e5"
  name = "gopkg.in/mattn/go-isatty.v0"
  packages = ["."]
  pruneopts = "UT"
-  revision = "0360b2af4f38e8d38c7fce2a9f4e702702d73a39"
-  version = "v0.0.3"
+  revision = "6ca4dbf54d38eea1a992b3c722a76a5d1c4cb25c"
+  version = "v0.0.4"

 [[projects]]
  digest = "1:cdb899c199f907ac9fb50495ec71212c95cb5b0e0a8ee0800da0238036091033"
@@ -762,6 +802,7 @@
  input-imports = [
    "github.com/Azure/azure-sdk-for-go/storage",
    "github.com/BurntSushi/toml",
+    "github.com/RackSec/srslog",
    "github.com/asaskevich/govalidator",
    "github.com/aws/aws-sdk-go/aws",
    "github.com/aws/aws-sdk-go/aws/credentials",
@@ -791,6 +832,8 @@
    "github.com/kotakanbe/goval-dictionary/models",
    "github.com/kotakanbe/logrus-prefixed-formatter",
    "github.com/mitchellh/go-homedir",
+    "github.com/mozqnet/go-exploitdb/db",
+    "github.com/mozqnet/go-exploitdb/models",
    "github.com/nlopes/slack",
    "github.com/olekukonko/tablewriter",
    "github.com/parnurzeal/gorequest",
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -24,6 +24,14 @@
 #   go-tests = true
 #   unused-packages = true

+[[constraint]]
+  name = "github.com/knqyf263/gost"
+  branch = "master"
+
+[[constraint]]
+  name = "github.com/kotakanbe/go-cve-dictionary"
+  branch = "master"
+
 [prune]
  go-tests = true
  unused-packages = true
--- a/README.md
+++ b/README.md
@@ -45,50 +45,78 @@ Vuls is a tool created to solve the problems listed above. It has the following

 # Main Features

- Scan for any vulnerabilities in Linux/FreeBSD Server
-    - Supports Alpine, Ubuntu, Debian, CentOS, Amazon Linux, RHEL, Oracle Linux, SUSE Enterprise Linux and Raspbian, FreeBSD
-    - Cloud, on-premise, Docker
- High quality scan
-    - Vuls uses Multiple vulnerability databases
-        - [NVD](https://nvd.nist.gov/)
-        - [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)
-        - [RedHat](https://www.redhat.com/security/data/oval/)
-        - [Debian](https://www.debian.org/security/oval/)
-        - [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/)
-        - [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
-        - [Oracle Linux](https://linux.oracle.com/security/oval/)
-        - [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
-        - RHSA/ALAS/ELSA/FreeBSD-SA
-        - Changelog
- Fast scan and Deep scan
-    - Fast Scan
-        - Scan without root privilege
-        - Scan with No internet access. (RedHat, CentOS, OracleLinux, Ubuntu and Debian)
-        - Almost no load on the scan target server
-    - Deep Scan
-        - Scan with root privilege
-        - Detect processes affected by update using yum-ps (RedHat, CentOS, OracleLinux and Amazon Linux)
-        - Parses the Changelog  
-            Changelog has a history of version changes. When a security issue is fixed, the relevant CVE ID is listed.
-            By parsing the changelog and analysing the updates between the installed version of software on the server and the newest version of that software
-            it's possible to create a list of all vulnerabilities that need to be fixed.
-        - Sometimes load on the scan target server
- Remote scan and Local scan
-    - Remote Scan
-        - User is required to only setup one machine that is connected to other target servers via SSH
-    - Local Scan 
-        - If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode.
- **Dynamic** Analysis
-    - It is possible to acquire the state of the server by connecting via SSH and executing the command
-        - Vuls warns when the scan target server was updated the kernel etc. but not restarting it.
- Scan middleware that are not included in OS package management
-    - Scan middleware, programming language libraries and framework for vulnerability
-    - Support software registered in CPE
+## Scan for any vulnerabilities in Linux/FreeBSD Server
+
+[Supports major Linux/FreeBSD](https://vuls.io/docs/en/supported-os.html)
+- Alpine, Ubuntu, Debian, CentOS, Amazon Linux, RHEL, Oracle Linux, SUSE Enterprise Linux and Raspbian, FreeBSD
+- Cloud, on-premise, Docker
+
+##  High quality scan
+
+Vuls uses Multiple vulnerability databases
+- [NVD](https://nvd.nist.gov/)
+- [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)
+- OVAL
+	- [RedHat](https://www.redhat.com/security/data/oval/)
+	- [Debian](https://www.debian.org/security/oval/)
+	- [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/)
+	- [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
+	- [Oracle Linux](https://linux.oracle.com/security/oval/)
+- [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
+- [Red Hat Security Advisories](https://access.redhat.com/security/security-updates/)
+- [Debian Security Bug Tracker](https://security-tracker.debian.org/tracker/)
+- Commands(yum, zypper, pkg-audit)
+	- RHSA/ALAS/ELSA/FreeBSD-SA
+- [Exploit Database](https://www.exploit-db.com/)
+- Changelog
+
+## Fast scan and Deep scan
+
+[Fast Scan](https://vuls.io/docs/en/architecture-fast-scan.html)
+- Scan without root privilege, no dependencies
+- Almost no load on the scan target server
+- Offline mode scan with no internet access. (Red Hat, CentOS, OracleLinux, Ubuntu, Debian)
+
+[Fast Root Scan](https://vuls.io/docs/en/architecture-fast-root-scan.html)
+- Scan with root privilege
+- Almost no load on the scan target server
+- Detect processes affected by update using yum-ps (RedHat, CentOS, Oracle Linux and Amazon Linux)
+- Detect processes which updated before but not restarting yet using checkrestart of debian-goodies (Debian and Ubuntu)
+- Offline mode scan with no internet access. (RedHat, CentOS, OracleLinux, Ubuntu, Debian)
+
+[Deep Scan](https://vuls.io/docs/en/architecture-deep-scan.html)
+- Scan with root privilege
+- Parses the Changelog  
+    Changelog has a history of version changes. When a security issue is fixed, the relevant CVE ID is listed.
+    By parsing the changelog and analysing the updates between the installed version of software on the server and the newest version of that software
+    it's possible to create a list of all vulnerabilities that need to be fixed.
+- Sometimes load on the scan target server
+
+## [Remote scan and Local scan](https://vuls.io/docs/en/architecture-remote-local.html)
+
+[Remote Scan](https://vuls.io/docs/en/architecture-remote-scan.html)
+- User is required to only setup one machine that is connected to other target servers via SSH
+
+[Local Scan](https://vuls.io/docs/en/architecture-local-scan.html)
+- If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode.
+
+## **Dynamic** Analysis
+
+- It is possible to acquire the state of the server by connecting via SSH and executing the command. 
+- Vuls warns when the scan target server was updated the kernel etc. but not restarting it.
+
+## [Scan middleware that are not included in OS package management](https://vuls.io/docs/en/usage-scan-non-os-packages.html)
+
+- Scan middleware, programming language libraries and framework for vulnerability
+- Support software registered in CPE
+
+## MISC
+
 - Nondestructive testing
 - Pre-authorization is *NOT* necessary before scanning on AWS
-    - Vuls works well with Continuous Integration since tests can be run every day. This allows you to find vulnerabilities very quickly.
+	- Vuls works well with Continuous Integration since tests can be run every day. This allows you to find vulnerabilities very quickly.
 - Auto generation of configuration file template
-    - Auto detection of servers set using CIDR, generate configuration file template
+	- Auto detection of servers set using CIDR, generate configuration file template
 - Email and Slack notification is possible (supports Japanese language)
 - Scan result is viewable on accessory software, TUI Viewer on terminal or Web UI ([VulsRepo](https://github.com/usiusi360/vulsrepo)).

--- a/commands/discover.go
+++ b/commands/discover.go
@@ -91,24 +91,27 @@ func (p *DiscoverCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface
 func printConfigToml(ips []string) (err error) {
 	const tomlTemplate = `

-# TODO Doc Link
+# https://vuls.io/docs/en/usage-settings.html
 [cveDict]
 type        = "sqlite3"
 sqlite3Path = "/path/to/cve.sqlite3"
 #url        = ""

-# TODO Doc Link
 [ovalDict]
 type        = "sqlite3"
 sqlite3Path = "/path/to/oval.sqlite3"
 #url        = ""

-# TODO Doc Link
 [gost]
 type        = "sqlite3"
 sqlite3Path = "/path/to/gost.sqlite3"
 #url        = ""

+[exploit]
+type        = "sqlite3"
+sqlite3Path = "/path/to/go-exploitdb.sqlite3"
+#url        = ""
+
 # https://vuls.io/docs/en/usage-settings.html#slack-section
 #[slack]
 #hookURL      = "https://hooks.slack.com/services/abc123/defghijklmnopqrstuvwxyz"
--- a/commands/report.go
+++ b/commands/report.go
@@ -24,6 +24,7 @@ import (
 	"path/filepath"

 	c "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/exploit"
 	"github.com/future-architect/vuls/gost"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/oval"
@@ -36,11 +37,12 @@ import (

 // ReportCmd is subcommand for reporting
 type ReportCmd struct {
-	configPath string
-	cvelDict   c.GoCveDictConf
-	ovalDict   c.GovalDictConf
-	gostConf   c.GostConf
-	httpConf   c.HTTPConf
+	configPath  string
+	cveDict     c.GoCveDictConf
+	ovalDict    c.GovalDictConf
+	gostConf    c.GostConf
+	exploitConf c.ExploitConf
+	httpConf    c.HTTPConf
 }

 // Name return subcommand name
@@ -85,14 +87,17 @@ func (*ReportCmd) Usage() string {
 		[-debug-sql]
 		[-pipe]
 		[-cvedb-type=sqlite3|mysql|postgres|redis]
-		[-cvedb-path=/path/to/cve.sqlite3]
+		[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
 		[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
 		[-ovaldb-type=sqlite3|mysql|redis]
-		[-ovaldb-path=/path/to/oval.sqlite3]
+		[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
 		[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
 		[-gostdb-type=sqlite3|mysql|redis]
-		[-gostdb-path=/path/to/gost.sqlite3]
+		[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
 		[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
+		[-exploitdb-type=sqlite3|mysql|redis]
+		[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
+		[-exploitdb-url=http://127.0.0.1:1325 or DB connection string]
 		[-http="http://vuls-report-server"]

 		[RFC3339 datetime format under results dir]
@@ -165,10 +170,10 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
 		"Auto generate of scan target servers and then write to config.toml and scan result")
 	f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use args passed via PIPE")

-	f.StringVar(&p.cvelDict.Type, "cvedb-type", "sqlite3",
+	f.StringVar(&p.cveDict.Type, "cvedb-type", "",
 		"DB type of go-cve-dictionary (sqlite3, mysql, postgres or redis)")
-	f.StringVar(&p.cvelDict.SQLite3Path, "cvedb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.cvelDict.URL, "cvedb-url", "",
+	f.StringVar(&p.cveDict.SQLite3Path, "cvedb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.cveDict.URL, "cvedb-url", "",
 		"http://go-cve-dictionary.com:1323 or DB connection string")

 	f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
@@ -183,6 +188,12 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
 	f.StringVar(&p.gostConf.URL, "gostdb-url", "",
 		"http://gost.com:1325 or DB connection string")

+	f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
+		"DB type of exploit (sqlite3, mysql, postgres or redis)")
+	f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
+		"http://exploit.com:1326 or DB connection string")
+
 	f.StringVar(&p.httpConf.URL, "http", "", "-to-http http://vuls-report")

 }
@@ -197,9 +208,10 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 		return subcommands.ExitUsageError
 	}

-	c.Conf.CveDict.Overwrite(p.cvelDict)
+	c.Conf.CveDict.Overwrite(p.cveDict)
 	c.Conf.OvalDict.Overwrite(p.ovalDict)
 	c.Conf.Gost.Overwrite(p.gostConf)
+	c.Conf.Exploit.Overwrite(p.exploitConf)
 	c.Conf.HTTP.Overwrite(p.httpConf)

 	var dir string
@@ -340,7 +352,7 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}

 		if err := report.CveClient.CheckHealth(); err != nil {
 			util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
-			util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with -cvedb-path option instead of -cvedb-url")
+			util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with -cvedb-sqlite3-path option instead of -cvedb-url")
 			return subcommands.ExitFailure
 		}
 		if c.Conf.CveDict.URL != "" {
@@ -356,7 +368,7 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 			err := oval.Base{}.CheckHTTPHealth()
 			if err != nil {
 				util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
-				util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with -ovaldb-path option instead of -ovaldb-url")
+				util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with -ovaldb-sqlite3-path option instead of -ovaldb-url")
 				return subcommands.ExitFailure
 			}
 		} else {
@@ -370,7 +382,7 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 			err := gost.Base{}.CheckHTTPHealth()
 			if err != nil {
 				util.Log.Errorf("gost HTTP server is not running. err: %s", err)
-				util.Log.Errorf("Run gost as server mode before reporting or run with -gostdb-path option instead of -gostdb-url")
+				util.Log.Errorf("Run gost as server mode before reporting or run with -gostdb-sqlite3-path option instead of -gostdb-url")
 				return subcommands.ExitFailure
 			}
 		} else {
@@ -378,10 +390,25 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 				util.Log.Infof("gost: %s", c.Conf.Gost.SQLite3Path)
 			}
 		}
+
+		if c.Conf.Exploit.URL != "" {
+			util.Log.Infof("exploit: %s", c.Conf.Exploit.URL)
+			err := exploit.CheckHTTPHealth()
+			if err != nil {
+				util.Log.Errorf("exploit HTTP server is not running. err: %s", err)
+				util.Log.Errorf("Run exploit as server mode before reporting or run with -exploitdb-sqlite3-path option instead of -exploitdb-url")
+				return subcommands.ExitFailure
+			}
+		} else {
+			if c.Conf.Exploit.Type == "sqlite3" {
+				util.Log.Infof("exploit: %s", c.Conf.Exploit.SQLite3Path)
+			}
+		}
 		dbclient, locked, err := report.NewDBClient(report.DBClientConf{
 			CveDictCnf:  c.Conf.CveDict,
 			OvalDictCnf: c.Conf.OvalDict,
 			GostCnf:     c.Conf.Gost,
+			ExploitCnf:  c.Conf.Exploit,
 			DebugSQL:    c.Conf.DebugSQL,
 		})
 		if locked {
--- a/commands/tui.go
+++ b/commands/tui.go
@@ -24,7 +24,10 @@ import (
 	"path/filepath"

 	c "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/exploit"
+	"github.com/future-architect/vuls/gost"
 	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/oval"
 	"github.com/future-architect/vuls/report"
 	"github.com/future-architect/vuls/util"
 	"github.com/google/subcommands"
@@ -33,10 +36,11 @@ import (

 // TuiCmd is Subcommand of host discovery mode
 type TuiCmd struct {
-	configPath string
-	cvelDict   c.GoCveDictConf
-	ovalDict   c.GovalDictConf
-	gostConf   c.GostConf
+	configPath  string
+	cvelDict    c.GoCveDictConf
+	ovalDict    c.GovalDictConf
+	gostConf    c.GostConf
+	exploitConf c.ExploitConf
 }

 // Name return subcommand name
@@ -124,6 +128,13 @@ func (p *TuiCmd) SetFlags(f *flag.FlagSet) {
 	f.StringVar(&p.gostConf.SQLite3Path, "gostdb-path", "", "/path/to/sqlite3")
 	f.StringVar(&p.gostConf.URL, "gostdb-url", "",
 		"http://gost.com:1325 or DB connection string")
+
+	f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
+		"DB type of exploit (sqlite3, mysql, postgres or redis)")
+	f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
+		"http://exploit.com:1326 or DB connection string")
+
 }

 // Execute execute
@@ -142,11 +153,7 @@ func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) s
 	c.Conf.CveDict.Overwrite(p.cvelDict)
 	c.Conf.OvalDict.Overwrite(p.ovalDict)
 	c.Conf.Gost.Overwrite(p.gostConf)
-
-	util.Log.Info("Validating config...")
-	if !c.Conf.ValidateOnTui() {
-		return subcommands.ExitUsageError
-	}
+	c.Conf.Exploit.Overwrite(p.exploitConf)

 	var dir string
 	var err error
@@ -159,6 +166,12 @@ func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) s
 		util.Log.Errorf("Failed to read from JSON: %s", err)
 		return subcommands.ExitFailure
 	}
+
+	util.Log.Info("Validating config...")
+	if !c.Conf.ValidateOnTui() {
+		return subcommands.ExitUsageError
+	}
+
 	var res models.ScanResults
 	if res, err = report.LoadScanResults(dir); err != nil {
 		util.Log.Error(err)
@@ -166,10 +179,65 @@ func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) s
 	}
 	util.Log.Infof("Loaded: %s", dir)

+	if err := report.CveClient.CheckHealth(); err != nil {
+		util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
+		util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with -cvedb-sqlite3-path option instead of -cvedb-url")
+		return subcommands.ExitFailure
+	}
+	if c.Conf.CveDict.URL != "" {
+		util.Log.Infof("cve-dictionary: %s", c.Conf.CveDict.URL)
+	} else {
+		if c.Conf.CveDict.Type == "sqlite3" {
+			util.Log.Infof("cve-dictionary: %s", c.Conf.CveDict.SQLite3Path)
+		}
+	}
+
+	if c.Conf.OvalDict.URL != "" {
+		util.Log.Infof("oval-dictionary: %s", c.Conf.OvalDict.URL)
+		err := oval.Base{}.CheckHTTPHealth()
+		if err != nil {
+			util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with -ovaldb-sqlite3-path option instead of -ovaldb-url")
+			return subcommands.ExitFailure
+		}
+	} else {
+		if c.Conf.OvalDict.Type == "sqlite3" {
+			util.Log.Infof("oval-dictionary: %s", c.Conf.OvalDict.SQLite3Path)
+		}
+	}
+
+	if c.Conf.Gost.URL != "" {
+		util.Log.Infof("gost: %s", c.Conf.Gost.URL)
+		err := gost.Base{}.CheckHTTPHealth()
+		if err != nil {
+			util.Log.Errorf("gost HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run gost as server mode before reporting or run with -gostdb-sqlite3-path option instead of -gostdb-url")
+			return subcommands.ExitFailure
+		}
+	} else {
+		if c.Conf.Gost.Type == "sqlite3" {
+			util.Log.Infof("gost: %s", c.Conf.Gost.SQLite3Path)
+		}
+	}
+
+	if c.Conf.Exploit.URL != "" {
+		util.Log.Infof("exploit: %s", c.Conf.Exploit.URL)
+		err := exploit.CheckHTTPHealth()
+		if err != nil {
+			util.Log.Errorf("exploit HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run exploit as server mode before reporting or run with -exploitdb-sqlite3-path option instead of -exploitdb-url")
+			return subcommands.ExitFailure
+		}
+	} else {
+		if c.Conf.Exploit.Type == "sqlite3" {
+			util.Log.Infof("exploit: %s", c.Conf.Exploit.SQLite3Path)
+		}
+	}
 	dbclient, locked, err := report.NewDBClient(report.DBClientConf{
 		CveDictCnf:  c.Conf.CveDict,
 		OvalDictCnf: c.Conf.OvalDict,
 		GostCnf:     c.Conf.Gost,
+		ExploitCnf:  c.Conf.Exploit,
 		DebugSQL:    c.Conf.DebugSQL,
 	})
 	if locked {
--- a/commands/util.go
+++ b/commands/util.go
@@ -34,7 +34,7 @@ func getPasswd(prompt string) (string, error) {
 			return "", fmt.Errorf("Failed to read password")
 		}
 		if 0 < len(pass) {
-			return string(pass[:]), nil
+			return string(pass), nil
 		}
 	}

--- a/config/config.go
+++ b/config/config.go
@@ -20,13 +20,14 @@ package config
 import (
 	"errors"
 	"fmt"
-	"log/syslog"
 	"os"
 	"path/filepath"
 	"runtime"
 	"strconv"
 	"strings"

+	syslog "github.com/RackSec/srslog"
+
 	valid "github.com/asaskevich/govalidator"
 	log "github.com/sirupsen/logrus"
 )
@@ -121,6 +122,7 @@ type Config struct {
 	CveDict  GoCveDictConf `json:"cveDict"`
 	OvalDict GovalDictConf `json:"ovalDict"`
 	Gost     GostConf      `json:"gost"`
+	Exploit  ExploitConf   `json:"exploit"`

 	Slack    SlackConf    `json:"-"`
 	EMail    SMTPConf     `json:"-"`
@@ -734,7 +736,7 @@ type GoCveDictConf struct {
 	Type string

 	// http://cve-dictionary.com:1323 or DB connection string
-	URL string `valid:"url" json:"-"`
+	URL string `json:"-"`

 	// /path/to/cve.sqlite3
 	SQLite3Path string `json:"-"`
@@ -788,7 +790,7 @@ type GovalDictConf struct {
 	Type string

 	// http://goval-dictionary.com:1324 or DB connection string
-	URL string `valid:"url" json:"-"`
+	URL string `json:"-"`

 	// /path/to/oval.sqlite3
 	SQLite3Path string `json:"-"`
@@ -841,7 +843,7 @@ type GostConf struct {
 	Type string

 	// http://gost-dictionary.com:1324 or DB connection string
-	URL string `valid:"url" json:"-"`
+	URL string `json:"-"`

 	// /path/to/gost.sqlite3
 	SQLite3Path string `json:"-"`
@@ -888,6 +890,59 @@ func (cnf *GostConf) Overwrite(cmdOpt GostConf) {
 	cnf.setDefault()
 }

+// ExploitConf is exploit config
+type ExploitConf struct {
+	// DB type for exploit dictionary (sqlite3, mysql, postgres or redis)
+	Type string
+
+	// http://exploit-dictionary.com:1324 or DB connection string
+	URL string `json:"-"`
+
+	// /path/to/exploit.sqlite3
+	SQLite3Path string `json:"-"`
+}
+
+func (cnf *ExploitConf) setDefault() {
+	if cnf.Type == "" {
+		cnf.Type = "sqlite3"
+	}
+	if cnf.URL == "" && cnf.SQLite3Path == "" {
+		wd, _ := os.Getwd()
+		cnf.SQLite3Path = filepath.Join(wd, "go-exploitdb.sqlite3")
+	}
+}
+
+const exploitDBType = "EXPLOITDB_TYPE"
+const exploitDBURL = "EXPLOITDB_URL"
+const exploitDBPATH = "EXPLOITDB_SQLITE3_PATH"
+
+// Overwrite set options with the following priority.
+// 1. Command line option
+// 2. Environment variable
+// 3. config.toml
+func (cnf *ExploitConf) Overwrite(cmdOpt ExploitConf) {
+	if os.Getenv(exploitDBType) != "" {
+		cnf.Type = os.Getenv(exploitDBType)
+	}
+	if os.Getenv(exploitDBURL) != "" {
+		cnf.URL = os.Getenv(exploitDBURL)
+	}
+	if os.Getenv(exploitDBPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(exploitDBPATH)
+	}
+
+	if cmdOpt.Type != "" {
+		cnf.Type = cmdOpt.Type
+	}
+	if cmdOpt.URL != "" {
+		cnf.URL = cmdOpt.URL
+	}
+	if cmdOpt.SQLite3Path != "" {
+		cnf.SQLite3Path = cmdOpt.SQLite3Path
+	}
+	cnf.setDefault()
+}
+
 // AWS is aws config
 type AWS struct {
 	// AWS profile to use
--- a/config/tomlloader.go
+++ b/config/tomlloader.go
@@ -51,6 +51,7 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
 	Conf.CveDict = conf.CveDict
 	Conf.OvalDict = conf.OvalDict
 	Conf.Gost = conf.Gost
+	Conf.Exploit = conf.Exploit

 	d := conf.Default
 	Conf.Default = d
@@ -104,7 +105,6 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
 				}
 			}

-			//  s.KeyPassword = keyPass
 			s.KeyPassword = v.KeyPassword
 			if len(s.KeyPassword) == 0 {
 				s.KeyPassword = d.KeyPassword
--- a/exploit/exploit.go
+++ b/exploit/exploit.go
@@ -0,0 +1,119 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package exploit
+
+import (
+	"fmt"
+	"net/http"
+
+	cnf "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/mozqnet/go-exploitdb/db"
+	exploitmodels "github.com/mozqnet/go-exploitdb/models"
+	"github.com/parnurzeal/gorequest"
+)
+
+// FillWithExploit fills exploit information that has in Exploit
+func FillWithExploit(driver db.DB, r *models.ScanResult) (nExploitCve int, err error) {
+	if isFetchViaHTTP() {
+		// TODO
+		return 0, fmt.Errorf("We are not yet supporting data acquisition in exploitdb server mode")
+	}
+
+	if driver == nil {
+		return 0, nil
+	}
+	for cveID, vuln := range r.ScannedCves {
+		es := driver.GetExploitByCveID(cveID)
+		if len(es) == 0 {
+			continue
+		}
+		exploits := ConvertToModel(es)
+		vuln.Exploits = exploits
+		r.ScannedCves[cveID] = vuln
+		nExploitCve++
+	}
+	return nExploitCve, nil
+}
+
+// ConvertToModel converts gost model to vuls model
+func ConvertToModel(es []*exploitmodels.Exploit) (exploits []models.Exploit) {
+	for _, e := range es {
+		var documentURL, paperURL, shellURL *string
+		var description string
+		if e.Document != nil {
+			documentURL = &e.Document.DocumentURL
+			description = e.Document.Description
+		}
+		if e.ShellCode != nil {
+			shellURL = &e.ShellCode.ShellCodeURL
+			description = e.ShellCode.Description
+		}
+		if e.Paper != nil {
+			paperURL = &e.Paper.PaperURL
+			description = e.Paper.Description
+		}
+		exploit := models.Exploit{
+			ExploitType:  models.ExploitDB,
+			ID:           e.ExploitDBID,
+			URL:          e.ExploitDBURL,
+			Description:  description,
+			DocumentURL:  documentURL,
+			ShellCodeURL: shellURL,
+			PaperURL:     paperURL,
+		}
+		exploits = append(exploits, exploit)
+	}
+	return exploits
+}
+
+// CheckHTTPHealth do health check
+func CheckHTTPHealth() error {
+	if !isFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.Conf.Exploit.URL)
+	var errs []error
+	var resp *http.Response
+	resp, _, errs = gorequest.New().Get(url).End()
+	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return fmt.Errorf("Failed to connect to exploit server. url: %s, errs: %v",
+			url, errs)
+	}
+	return nil
+}
+
+// CheckIfExploitFetched checks if oval entries are in DB by family, release.
+func CheckIfExploitFetched(driver db.DB, osFamily string) (fetched bool, err error) {
+	//TODO
+	return true, nil
+}
+
+// CheckIfExploitFresh checks if oval entries are fresh enough
+func CheckIfExploitFresh(driver db.DB, osFamily string) (ok bool, err error) {
+	//TODO
+	return true, nil
+}
+
+func isFetchViaHTTP() bool {
+	// Default value of OvalDBType is sqlite3
+	return cnf.Conf.Exploit.URL != "" && cnf.Conf.Exploit.Type == "sqlite3"
+}
--- a/exploit/exploit_test.go
+++ b/exploit/exploit_test.go
@@ -0,0 +1,8 @@
+package exploit
+
+import (
+	"testing"
+)
+
+func TestSetPackageStates(t *testing.T) {
+}
--- a/exploit/util.go
+++ b/exploit/util.go
@@ -0,0 +1,133 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package exploit
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/cenkalti/backoff"
+	"github.com/future-architect/vuls/util"
+	"github.com/parnurzeal/gorequest"
+)
+
+type response struct {
+	request request
+	json    string
+}
+
+func getCvesViaHTTP(cveIDs []string, urlPrefix string) (
+	responses []response, err error) {
+	nReq := len(cveIDs)
+	reqChan := make(chan request, nReq)
+	resChan := make(chan response, nReq)
+	errChan := make(chan error, nReq)
+	defer close(reqChan)
+	defer close(resChan)
+	defer close(errChan)
+
+	go func() {
+		for _, cveID := range cveIDs {
+			reqChan <- request{
+				cveID: cveID,
+			}
+		}
+	}()
+
+	concurrency := 10
+	tasks := util.GenWorkers(concurrency)
+	for i := 0; i < nReq; i++ {
+		tasks <- func() {
+			select {
+			case req := <-reqChan:
+				url, err := util.URLPathJoin(
+					urlPrefix,
+					req.cveID,
+				)
+				if err != nil {
+					errChan <- err
+				} else {
+					util.Log.Debugf("HTTP Request to %s", url)
+					httpGet(url, req, resChan, errChan)
+				}
+			}
+		}
+	}
+
+	timeout := time.After(2 * 60 * time.Second)
+	var errs []error
+	for i := 0; i < nReq; i++ {
+		select {
+		case res := <-resChan:
+			responses = append(responses, res)
+		case err := <-errChan:
+			errs = append(errs, err)
+		case <-timeout:
+			return nil, fmt.Errorf("Timeout Fetching OVAL")
+		}
+	}
+	if len(errs) != 0 {
+		return nil, fmt.Errorf("Failed to fetch OVAL. err: %v", errs)
+	}
+	return
+}
+
+type request struct {
+	osMajorVersion string
+	packName       string
+	isSrcPack      bool
+	cveID          string
+}
+
+func httpGet(url string, req request, resChan chan<- response, errChan chan<- error) {
+	var body string
+	var errs []error
+	var resp *http.Response
+	count, retryMax := 0, 3
+	f := func() (err error) {
+		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+		resp, body, errs = gorequest.New().Get(url).End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			count++
+			if count == retryMax {
+				return nil
+			}
+			return fmt.Errorf("HTTP GET error: %v, url: %s, resp: %v",
+				errs, url, resp)
+		}
+		return nil
+	}
+	notify := func(err error, t time.Duration) {
+		util.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s", t, err)
+	}
+	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		errChan <- fmt.Errorf("HTTP Error %s", err)
+		return
+	}
+	if count == retryMax {
+		errChan <- fmt.Errorf("HRetry count exceeded")
+		return
+	}
+
+	resChan <- response{
+		request: req,
+		json:    body,
+	}
+}
--- a/gost/gost.go
+++ b/gost/gost.go
@@ -46,6 +46,8 @@ func NewClient(family string) Client {
 		return RedHat{}
 	case cnf.Debian:
 		return Debian{}
+	case cnf.Windows:
+		return Microsoft{}
 	default:
 		return Pseudo{}
 	}
--- a/gost/microsoft.go
+++ b/gost/microsoft.go
@@ -0,0 +1,113 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package gost
+
+import (
+	"strings"
+
+	"github.com/future-architect/vuls/models"
+	"github.com/knqyf263/gost/db"
+	gostmodels "github.com/knqyf263/gost/models"
+)
+
+// Microsoft is Gost client for windows
+type Microsoft struct {
+	Base
+}
+
+// FillWithGost fills cve information that has in Gost
+func (ms Microsoft) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+	if driver == nil {
+		return 0, nil
+	}
+	var cveIDs []string
+	for cveID := range r.ScannedCves {
+		cveIDs = append(cveIDs, cveID)
+	}
+	for cveID, msCve := range driver.GetMicrosoftMulti(cveIDs) {
+		if _, ok := r.ScannedCves[cveID]; !ok {
+			continue
+		}
+		cveCont := ms.ConvertToModel(&msCve)
+		v, _ := r.ScannedCves[cveID]
+		v.CveContents[models.Microsoft] = *cveCont
+		r.ScannedCves[cveID] = v
+	}
+	return len(cveIDs), nil
+}
+
+// ConvertToModel converts gost model to vuls model
+func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveContent {
+	v3score := 0.0
+	var v3Vector string
+	for _, scoreSet := range cve.ScoreSets {
+		if v3score < scoreSet.BaseScore {
+			v3score = scoreSet.BaseScore
+			v3Vector = scoreSet.Vector
+		}
+	}
+
+	var v3Severity string
+	for _, s := range cve.Severity {
+		v3Severity = s.Description
+	}
+
+	var refs []models.Reference
+	for _, r := range cve.References {
+		if r.AttrType == "External" {
+			refs = append(refs, models.Reference{Link: r.URL})
+		}
+	}
+
+	var cwe []string
+	if 0 < len(cve.CWE) {
+		cwe = []string{cve.CWE}
+	}
+
+	option := map[string]string{}
+	if 0 < len(cve.ExploitStatus) {
+		option["exploit"] = cve.ExploitStatus
+	}
+	if 0 < len(cve.Workaround) {
+		option["workaround"] = cve.Workaround
+	}
+	var kbids []string
+	for _, kbid := range cve.KBIDs {
+		kbids = append(kbids, kbid.KBID)
+	}
+	if 0 < len(kbids) {
+		option["kbids"] = strings.Join(kbids, ",")
+	}
+
+	return &models.CveContent{
+		Type:          models.Microsoft,
+		CveID:         cve.CveID,
+		Title:         cve.Title,
+		Summary:       cve.Description,
+		Cvss3Score:    v3score,
+		Cvss3Vector:   v3Vector,
+		Cvss3Severity: v3Severity,
+		References:    refs,
+		CweIDs:        cwe,
+		Mitigation:    cve.Mitigation,
+		Published:     cve.PublishDate,
+		LastModified:  cve.LastUpdateDate,
+		SourceLink:    "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/" + cve.CveID,
+		Optional:      option,
+	}
+}
--- a/gost/redhat.go
+++ b/gost/redhat.go
@@ -108,7 +108,15 @@ func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, er
 				cveCont := red.ConvertToModel(&cve)
 				v, ok := r.ScannedCves[cve.Name]
 				if ok {
-					v.CveContents[models.RedHatAPI] = *cveCont
+					if _, ok := v.CveContents[models.RedHatAPI]; ok {
+						v.CveContents[models.RedHatAPI] = *cveCont
+					} else {
+						v = models.VulnInfo{
+							CveID:       cveCont.CveID,
+							CveContents: models.NewCveContents(*cveCont),
+							Confidences: models.Confidences{models.RedHatAPIMatch},
+						}
+					}
 				} else {
 					v = models.VulnInfo{
 						CveID:       cveCont.CveID,
@@ -138,7 +146,15 @@ func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, er
 				cveCont := red.ConvertToModel(&cve)
 				v, ok := r.ScannedCves[cve.Name]
 				if ok {
-					v.CveContents[models.RedHatAPI] = *cveCont
+					if _, ok := v.CveContents[models.RedHatAPI]; ok {
+						v.CveContents[models.RedHatAPI] = *cveCont
+					} else {
+						v = models.VulnInfo{
+							CveID:       cveCont.CveID,
+							CveContents: models.NewCveContents(*cveCont),
+							Confidences: models.Confidences{models.RedHatAPIMatch},
+						}
+					}
 				} else {
 					v = models.VulnInfo{
 						CveID:       cveCont.CveID,
@@ -192,18 +208,23 @@ func (red RedHat) mergePackageStates(v models.VulnInfo, ps []gostmodels.RedhatPa
 	return
 }

-// ConvertToModel converts gost model to vuls model
-func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
-	cwes := []string{}
-	if cve.Cwe != "" {
-		s := strings.TrimPrefix(cve.Cwe, "(")
-		s = strings.TrimSuffix(s, ")")
-		if strings.Contains(cve.Cwe, "|") {
-			cwes = strings.Split(cve.Cwe, "|")
-		} else {
-			cwes = strings.Split(s, "->")
+func (red RedHat) parseCwe(str string) (cwes []string) {
+	if str != "" {
+		s := strings.Replace(str, "(", "|", -1)
+		s = strings.Replace(s, ")", "|", -1)
+		s = strings.Replace(s, "->", "|", -1)
+		for _, s := range strings.Split(s, "|") {
+			if s != "" {
+				cwes = append(cwes, s)
+			}
 		}
 	}
+	return
+}
+
+// ConvertToModel converts gost model to vuls model
+func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
+	cwes := red.parseCwe(cve.Cwe)

 	details := []string{}
 	for _, detail := range cve.Details {
--- a/gost/redhat_test.go
+++ b/gost/redhat_test.go
@@ -0,0 +1,37 @@
+package gost
+
+import (
+	"reflect"
+	"sort"
+	"testing"
+)
+
+func TestParseCwe(t *testing.T) {
+	var tests = []struct {
+		in  string
+		out []string
+	}{
+		{
+			in:  "CWE-665->(CWE-200|CWE-89)",
+			out: []string{"CWE-665", "CWE-200", "CWE-89"},
+		},
+		{
+			in:  "CWE-841->CWE-770->CWE-454",
+			out: []string{"CWE-841", "CWE-770", "CWE-454"},
+		},
+		{
+			in:  "(CWE-122|CWE-125)",
+			out: []string{"CWE-122", "CWE-125"},
+		},
+	}
+
+	r := RedHat{}
+	for i, tt := range tests {
+		out := r.parseCwe(tt.in)
+		sort.Strings(out)
+		sort.Strings(tt.out)
+		if !reflect.DeepEqual(tt.out, out) {
+			t.Errorf("[%d]expected: %s, actual: %s", i, tt.out, out)
+		}
+	}
+}
--- a/models/cvecontents.go
+++ b/models/cvecontents.go
@@ -228,6 +228,8 @@ func NewCveContentType(name string) CveContentType {
 		return RedHatAPI
 	case "debian_security_tracker":
 		return DebianSecurityTracker
+	case "microsoft":
+		return Microsoft
 	default:
 		return Unknown
 	}
@@ -264,6 +266,9 @@ const (
 	// SUSE is SUSE Linux
 	SUSE CveContentType = "suse"

+	// Microsoft is Microsoft
+	Microsoft CveContentType = "microsoft"
+
 	// Unknown is Unknown
 	Unknown CveContentType = "unknown"
 )
--- a/models/scanresults.go
+++ b/models/scanresults.go
@@ -309,12 +309,13 @@ func (r ScanResult) FormatTextReportHeadedr() string {
 		buf.WriteString("=")
 	}

-	return fmt.Sprintf("%s\n%s\n%s, %s, %s\n",
+	return fmt.Sprintf("%s\n%s\n%s, %s, %s, %s\n",
 		r.ServerInfo(),
 		buf.String(),
 		r.ScannedCves.FormatCveSummary(),
 		r.ScannedCves.FormatFixedStatus(r.Packages),
 		r.FormatUpdatablePacksSummary(),
+		r.FormatExploitCveSummary(),
 	)
 }

@@ -338,6 +339,17 @@ func (r ScanResult) FormatUpdatablePacksSummary() string {
 		nUpdatable)
 }

+// FormatExploitCveSummary returns a summary of exploit cve
+func (r ScanResult) FormatExploitCveSummary() string {
+	nExploitCve := 0
+	for _, vuln := range r.ScannedCves {
+		if 0 < len(vuln.Exploits) {
+			nExploitCve++
+		}
+	}
+	return fmt.Sprintf("%d cves with exploit", nExploitCve)
+}
+
 func (r ScanResult) isDisplayUpdatableNum() bool {
 	var mode config.ScanMode
 	s, _ := config.Conf.Servers[r.ServerName]
--- a/models/vulninfos.go
+++ b/models/vulninfos.go
@@ -166,6 +166,7 @@ type VulnInfo struct {
 	DistroAdvisories []DistroAdvisory `json:"distroAdvisories,omitempty"` // for Aamazon, RHEL, FreeBSD
 	CpeURIs          []string         `json:"cpeURIs,omitempty"`          // CpeURIs related to this CVE defined in config.toml
 	CveContents      CveContents      `json:"cveContents"`
+	Exploits         []Exploit        `json:"exploits"`
 }

 // Titles returns tilte (TUI)
@@ -713,6 +714,26 @@ func (p DistroAdvisory) Format() string {
 	return strings.Join(buf, "\n")
 }

+// ExploitType is exploit type
+type ExploitType string
+
+const (
+	// ExploitDB : https://www.exploit-db.com/
+	ExploitDB ExploitType = "exploitdb"
+)
+
+// Exploit :
+type Exploit struct {
+	ExploitType  ExploitType `json:"exploitType"`
+	ID           string      `json:"id"`
+	URL          string      `json:"url"`
+	Description  string      `json:"description"`
+	DocumentURL  *string     `json:"documentURL,omitempty"`
+	PaperURL     *string     `json:"paperURL,omitempty"`
+	ShellCodeURL *string     `json:"shellCodeURL,omitempty"`
+	BinaryURL    *string     `json:"binaryURL,omitempty"`
+}
+
 // Confidences is a list of Confidence
 type Confidences []Confidence

--- a/report/azureblob.go
+++ b/report/azureblob.go
@@ -136,7 +136,7 @@ func createBlockBlob(cli storage.BlobStorageClient, k string, b []byte) error {
 		if b, err = gz(b); err != nil {
 			return err
 		}
-		k = k + ".gz"
+		k += ".gz"
 	}

 	ref := cli.GetContainerReference(c.Conf.Azure.ContainerName)
--- a/report/db_client.go
+++ b/report/db_client.go
@@ -9,13 +9,15 @@ import (
 	gostdb "github.com/knqyf263/gost/db"
 	cvedb "github.com/kotakanbe/go-cve-dictionary/db"
 	ovaldb "github.com/kotakanbe/goval-dictionary/db"
+	exploitdb "github.com/mozqnet/go-exploitdb/db"
 )

 // DBClient is a dictionarie's db client for reporting
 type DBClient struct {
-	CveDB  cvedb.DB
-	OvalDB ovaldb.DB
-	GostDB gostdb.DB
+	CveDB     cvedb.DB
+	OvalDB    ovaldb.DB
+	GostDB    gostdb.DB
+	ExploitDB exploitdb.DB
 }

 // DBClientConf has a configuration of Vulnerability DBs
@@ -23,6 +25,7 @@ type DBClientConf struct {
 	CveDictCnf  config.GoCveDictConf
 	OvalDictCnf config.GovalDictConf
 	GostCnf     config.GostConf
+	ExploitCnf  config.ExploitConf
 	DebugSQL    bool
 }

@@ -38,6 +41,10 @@ func (c DBClientConf) isGostViaHTTP() bool {
 	return c.GostCnf.URL != "" && c.GostCnf.Type == "sqlite3"
 }

+func (c DBClientConf) isExploitViaHTTP() bool {
+	return c.ExploitCnf.URL != "" && c.ExploitCnf.Type == "sqlite3"
+}
+
 // NewDBClient returns db clients
 func NewDBClient(cnf DBClientConf) (dbclient *DBClient, locked bool, err error) {
 	cveDriver, locked, err := NewCveDB(cnf)
@@ -63,10 +70,20 @@ func NewDBClient(cnf DBClientConf) (dbclient *DBClient, locked bool, err error)
 			cnf.GostCnf.SQLite3Path, err)
 	}

+	exploitdb, locked, err := NewExploitDB(cnf)
+	if locked {
+		return nil, true, fmt.Errorf("exploitDB is locked: %s",
+			cnf.ExploitCnf.SQLite3Path)
+	} else if err != nil {
+		util.Log.Warnf("Unable to use exploitDB: %s, err: %s",
+			cnf.ExploitCnf.SQLite3Path, err)
+	}
+
 	return &DBClient{
-		CveDB:  cveDriver,
-		OvalDB: ovaldb,
-		GostDB: gostdb,
+		CveDB:     cveDriver,
+		OvalDB:    ovaldb,
+		GostDB:    gostdb,
+		ExploitDB: exploitdb,
 	}, false, nil
 }

@@ -143,6 +160,32 @@ func NewGostDB(cnf DBClientConf) (driver gostdb.DB, locked bool, err error) {
 	return driver, false, nil
 }

+// NewExploitDB returns db client for Exploit
+func NewExploitDB(cnf DBClientConf) (driver exploitdb.DB, locked bool, err error) {
+	if cnf.isExploitViaHTTP() {
+		return nil, false, nil
+	}
+	path := cnf.ExploitCnf.URL
+	if cnf.ExploitCnf.Type == "sqlite3" {
+		path = cnf.ExploitCnf.SQLite3Path
+
+		if _, err := os.Stat(path); os.IsNotExist(err) {
+			util.Log.Warnf("--exploitdb-path=%s is not found. It's recommended to use exploit to improve scanning accuracy. To use exploit db database, see https://github.com/mozqnet/go-exploitdb", path)
+			return nil, false, nil
+		}
+	}
+
+	util.Log.Debugf("Open exploit db (%s): %s", cnf.ExploitCnf.Type, path)
+	if driver, locked, err = exploitdb.NewDB(cnf.ExploitCnf.Type, path, cnf.DebugSQL); err != nil {
+		if locked {
+			util.Log.Errorf("exploitDB is locked: %s", err)
+			return nil, true, err
+		}
+		return nil, false, err
+	}
+	return driver, false, nil
+}
+
 // CloseDB close dbs
 func (d DBClient) CloseDB() {
 	if d.CveDB != nil {
--- a/report/localfile.go
+++ b/report/localfile.go
@@ -129,7 +129,7 @@ func writeFile(path string, data []byte, perm os.FileMode) error {
 		if data, err = gz(data); err != nil {
 			return err
 		}
-		path = path + ".gz"
+		path += ".gz"
 	}
 	return ioutil.WriteFile(path, []byte(data), perm)
 }
--- a/report/report.go
+++ b/report/report.go
@@ -32,6 +32,7 @@ import (
 	c "github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/contrib/owasp-dependency-check/parser"
 	"github.com/future-architect/vuls/cwe"
+	"github.com/future-architect/vuls/exploit"
 	"github.com/future-architect/vuls/gost"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/oval"
@@ -40,6 +41,7 @@ import (
 	gostdb "github.com/knqyf263/gost/db"
 	cvedb "github.com/kotakanbe/go-cve-dictionary/db"
 	ovaldb "github.com/kotakanbe/goval-dictionary/db"
+	exploitdb "github.com/mozqnet/go-exploitdb/db"
 )

 const (
@@ -176,6 +178,14 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string) erro
 		return fmt.Errorf("Failed to fill with CVE: %s", err)
 	}

+	util.Log.Infof("Fill Exploit information with Exploit-DB")
+	nExploitCve, err := FillWithExploit(dbclient.ExploitDB, r)
+	if err != nil {
+		return fmt.Errorf("Failed to fill with exploit: %s", err)
+	}
+	util.Log.Infof("%s: %d Exploits are detected with exploit",
+		r.FormatServerName(), nExploitCve)
+
 	fillCweDict(r)
 	return nil
 }
@@ -292,6 +302,14 @@ func FillWithGost(driver gostdb.DB, r *models.ScanResult) (nCVEs int, err error)
 	return gostClient.FillWithGost(driver, r)
 }

+// FillWithExploit fills Exploits with exploit dataabase
+// https://github.com/mozqnet/go-exploitdb
+func FillWithExploit(driver exploitdb.DB, r *models.ScanResult) (nExploitCve int, err error) {
+	// TODO chekc if fetched
+	// TODO chekc if fresh enough
+	return exploit.FillWithExploit(driver, r)
+}
+
 func fillVulnByCpeURIs(driver cvedb.DB, r *models.ScanResult, cpeURIs []string) (nCVEs int, err error) {
 	for _, name := range cpeURIs {
 		details, err := CveClient.FetchCveDetailsByCpeName(driver, name)
@@ -454,6 +472,7 @@ func EnsureUUIDs(configPath string, results models.ScanResults) error {
 	cveDict := &c.Conf.CveDict
 	ovalDict := &c.Conf.OvalDict
 	gost := &c.Conf.Gost
+	exploit := &c.Conf.Exploit
 	http := &c.Conf.HTTP
 	if http.URL == "" {
 		http = nil
@@ -498,6 +517,7 @@ func EnsureUUIDs(configPath string, results models.ScanResults) error {
 		CveDict  *c.GoCveDictConf `toml:"cveDict"`
 		OvalDict *c.GovalDictConf `toml:"ovalDict"`
 		Gost     *c.GostConf      `toml:"gost"`
+		Exploit  *c.ExploitConf   `toml:"exploit"`
 		Slack    *c.SlackConf     `toml:"slack"`
 		Email    *c.SMTPConf      `toml:"email"`
 		HTTP     *c.HTTPConf      `toml:"http"`
@@ -515,6 +535,7 @@ func EnsureUUIDs(configPath string, results models.ScanResults) error {
 		CveDict:  cveDict,
 		OvalDict: ovalDict,
 		Gost:     gost,
+		Exploit:  exploit,
 		Slack:    slack,
 		Email:    email,
 		HTTP:     http,
--- a/report/s3.go
+++ b/report/s3.go
@@ -144,7 +144,7 @@ func putObject(svc *s3.S3, k string, b []byte) error {
 		if b, err = gz(b); err != nil {
 			return err
 		}
-		k = k + ".gz"
+		k += ".gz"
 	}

 	putObjectInput := &s3.PutObjectInput{
--- a/report/syslog.go
+++ b/report/syslog.go
@@ -19,9 +19,10 @@ package report

 import (
 	"fmt"
-	"log/syslog"
 	"strings"

+	syslog "github.com/RackSec/srslog"
+
 	"github.com/pkg/errors"

 	"github.com/future-architect/vuls/config"
--- a/report/tui.go
+++ b/report/tui.go
@@ -51,16 +51,14 @@ func RunTui(results models.ScanResults) subcommands.ExitStatus {
 		return scanResults[i].ServerName < scanResults[j].ServerName
 	})

-	// g, err := gocui.NewGui(gocui.OutputNormal)
-	g := gocui.NewGui()
-	if err := g.Init(); err != nil {
+	g, err := gocui.NewGui(gocui.OutputNormal)
+	if err != nil {
 		util.Log.Errorf("%s", err)
 		return subcommands.ExitFailure
 	}
 	defer g.Close()

-	g.SetLayout(layout)
-	// g.SetManagerFunc(layout)
+	g.SetManagerFunc(layout)
 	if err := keybindings(g); err != nil {
 		util.Log.Errorf("%s", err)
 		return subcommands.ExitFailure
@@ -185,19 +183,19 @@ func nextView(g *gocui.Gui, v *gocui.View) error {
 	var err error

 	if v == nil {
-		err = g.SetCurrentView("side")
+		_, err = g.SetCurrentView("side")
 	}
 	switch v.Name() {
 	case "side":
-		err = g.SetCurrentView("summary")
+		_, err = g.SetCurrentView("summary")
 	case "summary":
-		err = g.SetCurrentView("detail")
+		_, err = g.SetCurrentView("detail")
 	case "detail":
-		err = g.SetCurrentView("changelog")
+		_, err = g.SetCurrentView("changelog")
 	case "changelog":
-		err = g.SetCurrentView("side")
+		_, err = g.SetCurrentView("side")
 	default:
-		err = g.SetCurrentView("summary")
+		_, err = g.SetCurrentView("summary")
 	}
 	return err
 }
@@ -206,19 +204,19 @@ func previousView(g *gocui.Gui, v *gocui.View) error {
 	var err error

 	if v == nil {
-		err = g.SetCurrentView("side")
+		_, err = g.SetCurrentView("side")
 	}
 	switch v.Name() {
 	case "side":
-		err = g.SetCurrentView("side")
+		_, err = g.SetCurrentView("side")
 	case "summary":
-		err = g.SetCurrentView("side")
+		_, err = g.SetCurrentView("side")
 	case "detail":
-		err = g.SetCurrentView("summary")
+		_, err = g.SetCurrentView("summary")
 	case "changelog":
-		err = g.SetCurrentView("detail")
+		_, err = g.SetCurrentView("detail")
 	default:
-		err = g.SetCurrentView("side")
+		_, err = g.SetCurrentView("side")
 	}
 	return err
 }
@@ -401,7 +399,7 @@ func cursorPageUp(g *gocui.Gui, v *gocui.View) error {
 func previousSummary(g *gocui.Gui, v *gocui.View) error {
 	if v != nil {
 		// cursor to summary
-		if err := g.SetCurrentView("summary"); err != nil {
+		if _, err := g.SetCurrentView("summary"); err != nil {
 			return err
 		}
 		// move next line
@@ -409,7 +407,7 @@ func previousSummary(g *gocui.Gui, v *gocui.View) error {
 			return err
 		}
 		// cursor to detail
-		if err := g.SetCurrentView("detail"); err != nil {
+		if _, err := g.SetCurrentView("detail"); err != nil {
 			return err
 		}
 	}
@@ -419,7 +417,7 @@ func previousSummary(g *gocui.Gui, v *gocui.View) error {
 func nextSummary(g *gocui.Gui, v *gocui.View) error {
 	if v != nil {
 		// cursor to summary
-		if err := g.SetCurrentView("summary"); err != nil {
+		if _, err := g.SetCurrentView("summary"); err != nil {
 			return err
 		}
 		// move next line
@@ -427,7 +425,7 @@ func nextSummary(g *gocui.Gui, v *gocui.View) error {
 			return err
 		}
 		// cursor to detail
-		if err := g.SetCurrentView("detail"); err != nil {
+		if _, err := g.SetCurrentView("detail"); err != nil {
 			return err
 		}
 	}
@@ -501,7 +499,7 @@ func getLine(g *gocui.Gui, v *gocui.View) error {
 			return err
 		}
 		fmt.Fprintln(v, l)
-		if err := g.SetCurrentView("msg"); err != nil {
+		if _, err := g.SetCurrentView("msg"); err != nil {
 			return err
 		}
 	}
@@ -524,7 +522,7 @@ func showMsg(g *gocui.Gui, v *gocui.View) error {
 			return err
 		}
 		fmt.Fprintln(v, l)
-		if err := g.SetCurrentView("msg"); err != nil {
+		if _, err := g.SetCurrentView("msg"); err != nil {
 			return err
 		}
 	}
@@ -535,7 +533,8 @@ func delMsg(g *gocui.Gui, v *gocui.View) error {
 	if err := g.DeleteView("msg"); err != nil {
 		return err
 	}
-	return g.SetCurrentView("summary")
+	_, err := g.SetCurrentView("summary")
+	return err
 }

 func quit(g *gocui.Gui, v *gocui.View) error {
@@ -584,7 +583,7 @@ func setSideLayout(g *gocui.Gui) error {
 		}
 		currentScanResult = scanResults[0]
 		vinfos = scanResults[0].ScannedCves.ToSortedSlice()
-		if err := g.SetCurrentView("side"); err != nil {
+		if _, err := g.SetCurrentView("side"); err != nil {
 			return err
 		}
 	}
@@ -710,9 +709,17 @@ func setChangelogLayout(g *gocui.Gui) error {
 		for _, affected := range vinfo.AffectedPackages {
 			// packages detected by OVAL may not be actually installed
 			if pack, ok := currentScanResult.Packages[affected.Name]; ok {
-				lines = append(lines,
-					"* "+pack.FormatVersionFromTo(
-						affected.NotFixedYet, affected.FixState))
+				var line string
+				if pack.Repository != "" {
+					line = fmt.Sprintf("* %s (%s)",
+						pack.FormatVersionFromTo(affected.NotFixedYet, affected.FixState),
+						pack.Repository)
+				} else {
+					line = fmt.Sprintf("* %s",
+						pack.FormatVersionFromTo(affected.NotFixedYet, affected.FixState),
+					)
+				}
+				lines = append(lines, line)

 				if len(pack.AffectedProcs) != 0 {
 					for _, p := range pack.AffectedProcs {
@@ -736,6 +743,16 @@ func setChangelogLayout(g *gocui.Gui) error {
 			lines = append(lines, adv.Format())
 		}

+		if len(vinfo.Exploits) != 0 {
+			lines = append(lines, "\n",
+				"Exploit Codes",
+				"=============",
+			)
+			for _, exploit := range vinfo.Exploits {
+				lines = append(lines, fmt.Sprintf("* [%s](%s)", exploit.Description, exploit.URL))
+			}
+		}
+
 		if currentScanResult.IsDeepScanMode() {
 			lines = append(lines, "\n",
 				"ChangeLogs",
@@ -763,6 +780,7 @@ func setChangelogLayout(g *gocui.Gui) error {
 type dataForTmpl struct {
 	CveID            string
 	Cvsses           string
+	Exploits         []models.Exploit
 	Summary          string
 	Mitigation       string
 	Confidences      models.Confidences
@@ -870,6 +888,7 @@ const mdTemplate = `
 CVSS Scores
 -----------
 {{.Cvsses }}
+
 Summary
 -----------
 {{.Summary }}
--- a/report/util.go
+++ b/report/util.go
@@ -50,6 +50,7 @@ func formatScanSummary(rs ...models.ScanResult) string {
 				r.FormatServerName(),
 				fmt.Sprintf("%s%s", r.Family, r.Release),
 				r.FormatUpdatablePacksSummary(),
+				r.FormatExploitCveSummary(),
 			}
 		} else {
 			cols = []interface{}{
@@ -76,6 +77,7 @@ func formatOneLineSummary(rs ...models.ScanResult) string {
 				r.ScannedCves.FormatCveSummary(),
 				r.ScannedCves.FormatFixedStatus(r.Packages),
 				r.FormatUpdatablePacksSummary(),
+				r.FormatExploitCveSummary(),
 			}
 		} else {
 			cols = []interface{}{
@@ -123,6 +125,7 @@ No CVE-IDs are found in updatable packages.
 			fmt.Sprintf("%7s", vinfo.PatchStatus(r.Packages)),
 			// packname,
 			fmt.Sprintf("https://nvd.nist.gov/vuln/detail/%s", vinfo.CveID),
+			fmt.Sprintf("%t", 0 < len(vinfo.Exploits)),
 		})
 	}

@@ -137,6 +140,7 @@ No CVE-IDs are found in updatable packages.
 		"Fixed",
 		// "Pkg",
 		"NVD",
+		"Exploit",
 	})
 	table.SetBorder(true)
 	table.AppendBulk(data)
@@ -203,8 +207,18 @@ No CVE-IDs are found in updatable packages.
 		vuln.AffectedPackages.Sort()
 		for _, affected := range vuln.AffectedPackages {
 			if pack, ok := r.Packages[affected.Name]; ok {
-				data = append(data, []string{"Affected PKG",
-					pack.FormatVersionFromTo(affected.NotFixedYet, affected.FixState)})
+				var line string
+				if pack.Repository != "" {
+					line = fmt.Sprintf("%s (%s)",
+						pack.FormatVersionFromTo(affected.NotFixedYet, affected.FixState),
+						pack.Repository)
+				} else {
+					line = fmt.Sprintf("%s",
+						pack.FormatVersionFromTo(affected.NotFixedYet, affected.FixState),
+					)
+				}
+				data = append(data, []string{"Affected Pkg", line})
+
 				if len(pack.AffectedProcs) != 0 {
 					for _, p := range pack.AffectedProcs {
 						data = append(data, []string{"",
@@ -240,6 +254,9 @@ No CVE-IDs are found in updatable packages.
 		for _, url := range cweURLs {
 			data = append(data, []string{"CWE", url})
 		}
+		for _, exploit := range vuln.Exploits {
+			data = append(data, []string{string(exploit.ExploitType), exploit.URL})
+		}
 		for _, url := range top10URLs {
 			data = append(data, []string{"OWASP Top10", url})
 		}
@@ -259,10 +276,6 @@ No CVE-IDs are found in updatable packages.
 			"",
 		})
 		table.SetBorder(true)
-		table.SetHeaderColor(
-			tablewriter.Colors{tablewriter.Normal},
-			tablewriter.Colors{tablewriter.Normal},
-		)
 		table.AppendBulk(data)
 		table.Render()
 		lines += b.String() + "\n"
--- a/scan/debian.go
+++ b/scan/debian.go
@@ -62,7 +62,7 @@ func detectDebian(c config.ServerInfo) (itsMe bool, deb osTypeInterface, err err
 			return false, deb, nil
 		}
 		if r.ExitStatus == 255 {
-			return false, deb, fmt.Errorf("Unable to connect via SSH. Check SSH settings. If you have never SSH to the host to be scanned, SSH to the host before scanning in order to add the HostKey. %s@%s port: %s\n%s", c.User, c.Host, c.Port, r)
+			return false, deb, fmt.Errorf("Unable to connect via SSH. Scan with -vvv option to print SSH debugging messages and check SSH settings. If you have never SSH to the host to be scanned, SSH to the host before scanning in order to add the HostKey. %s@%s port: %s\n%s", c.User, c.Host, c.Port, r)
 		}
 		util.Log.Debugf("Not Debian like Linux. %s", r)
 		return false, deb, nil
Author	SHA1	Message	Date
sadayuki-matsuno	9865eab2c0	Display exploit codes information for each detected CVE-IDs (#729 ) * add exploit * bug fix while loading config in TUI, display in format-full-text * fix readme	2018-11-03 16:36:59 +09:00
Kota Kanbe	678e72a8b6	fix(gost): a bug of parseCwe (#726 )	2018-10-29 21:21:20 +09:00
sadayuki-matsuno	ec41899089	check cve_contents init (#725 ) check cve_contents init to avoid nil pointer	2018-10-29 16:27:54 +09:00
Harald Nordgren	b2d913cc21	Bump Go versions and use '.x' to always get latest patch versions (#724 )	2018-10-29 16:26:20 +09:00
sadayuki-matsuno	bc86c24e6a	update pkg (#723 ) * update pkg * change lint url	2018-10-18 13:37:17 +09:00
sadayuki-matsuno	87a77dd95c	update pkgs (#720 )	2018-10-10 17:43:26 +09:00
sadayuki-matsuno	e8188f3432	add ms gost (#718 ) * add ms gost * change gost branch	2018-10-05 12:45:26 +09:00
Kota Kanbe	50506be546	[WIP] feat(report): show repository of affected pkgs (#713 ) feat(report): show repository of affected pkgs	2018-10-04 16:01:55 +09:00
Iskander (Alex) Sharipov	4ded028258	config: remove commented-out code from tomlloader (#714 ) Signed-off-by: Iskander Sharipov <quasilyte@gmail.com>	2018-10-04 12:37:58 +09:00
Iskander (Alex) Sharipov	6da8b3c4a1	commands: simplify `s[:]` to s (#715 ) If s is a slice, then `s[:]` is identical to just `s`. Signed-off-by: Iskander Sharipov <quasilyte@gmail.com>	2018-10-04 12:37:31 +09:00
Iskander (Alex) Sharipov	d5c92cbcb3	report: simplify `x = x <op> y` to `x <op>= y` (#716 ) Signed-off-by: Iskander Sharipov <quasilyte@gmail.com>	2018-10-04 12:35:02 +09:00
sadayuki-matsuno	ed5f98d6f0	change syslog pkg (#717 )	2018-10-04 12:34:23 +09:00
Kota Kanbe	f854b8f908	fix(report): fix an error while loading cveDict.type in config.toml (#711 )	2018-10-02 09:27:34 +09:00
Shigechika AIKAWA	de7a6159d4	remove table.SetHeaderColor codes (#709 ) table.SetHeaderColor does not need in case of formatFullPlainText().	2018-09-25 10:31:22 +09:00
Kota Kanbe	6090a34037	fix(cpe): update deps to avoid parsing err of cpeNames (#708 )	2018-09-13 13:42:04 +09:00
Kota Kanbe	f566745479	fix(config): a DB URL error 'does not validate as url' #705 (#706 )	2018-09-11 09:19:24 +09:00
kota kanbe	153234b623	update readme	2018-08-29 22:39:05 +09:00
Kota Kanbe	ac510d21ff	fix(scan): fix err msg when unable to connect via SSH (#702 )	2018-08-29 10:48:32 +09:00