Add test-case to verify proper version comparison in lessThan() (#1178 )

* Add test-case to verify proper version comparison when either/both/neither of newVer and ovalmodels.Package contain "_<minor version>" * Rename vera to newVer in Test_lessThan() * Fix oval/util_test.go formatting (make fmt) Co-authored-by: Richard Alloway (OpenLogic) <ralloway@perforce.com>
chore: add a test-case to #1176 (#1177 )
2021-02-14 05:30:07 +09:00 · 2021-02-12 13:46:29 +09:00 · 2021-02-12 13:33:36 +09:00 · 2021-02-12 13:03:06 +09:00 · 2021-02-11 06:31:51 +09:00 · 2021-02-11 06:31:32 +09:00
149 changed files with 13796 additions and 10203 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,67 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '32 20 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
--- a/.github/workflows/golangci.yml
+++ b/.github/workflows/golangci.yml
@@ -0,0 +1,29 @@
+name: golangci-lint
+on:
+  push:
+    tags:
+      - v*
+    branches:
+      - master
+  pull_request:
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v2
+        with:
+          # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
+          version: v1.32
+          args: --timeout=10m
+          
+          # Optional: working directory, useful for monorepos
+          # working-directory: somedir
+
+          # Optional: golangci-lint command line arguments.
+          # args: --issues-exit-code=0
+
+          # Optional: show only new issues if it's a pull request. The default value is `false`.
+          # only-new-issues: true
--- a/.github/workflows/goreleaser.yml
+++ b/.github/workflows/goreleaser.yml
@@ -0,0 +1,31 @@
+name: goreleaser
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Unshallow
+        run: git fetch --prune --unshallow
+      -
+        name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.15
+      -
+        name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v2
+        with:
+          version: latest
+          args: release --rm-dist
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -0,0 +1,21 @@
+name: Test
+
+on: [pull_request]
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Set up Go 1.x
+      uses: actions/setup-go@v2
+      with:
+        go-version: 1.15.x
+      id: go
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+
+    - name: Test
+      run: make test
--- a/.github/workflows/tidy.yml
+++ b/.github/workflows/tidy.yml
@@ -0,0 +1,22 @@
+name: go-mod-tidy-pr
+
+on:
+  schedule:
+    - cron: "0 0 * * 1" # Weekly build
+
+jobs:
+  go-mod-tidy-pr:
+    name: go-mod-tidy-pr
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Run go-mod-tidy-pr
+        uses: sue445/go-mod-tidy-pr@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          git_user_name: kotakanbe
+          git_user_email: kotakanbe@gmail.com
+          go_version: 1.15.6
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,3 @@
-vuls
 .vscode
 *.txt
 *.json
@@ -15,4 +14,4 @@ results/
 !setup/docker/*
 .DS_Store
 dist/
-.idea
+.idea
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -0,0 +1,17 @@
+name: golang-ci
+
+linters-settings:
+  errcheck:
+    #exclude: /path/to/file.txt
+
+linters:
+  disable-all: true
+  enable:
+    - goimports
+    - golint
+    - govet
+    - misspell
+    - errcheck
+    - staticcheck
+    - prealloc
+    - ineffassign
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -6,19 +6,105 @@ release:
    owner: future-architect
    name: vuls
 builds:
- goos:
+- id: vuls
+  goos:
  - linux
  goarch:
  - amd64
-  main: .
+  main: ./cmd/vuls/main.go
  flags:
-      - -a
-  ldflags: -s -w -X main.version={{.Version}} -X main.revision={{.Commit}} 
+  - -a
+  ldflags: 
+  - -s -w -X github.com/future-architect/vuls/config.Version={{.Version}} -X github.com/future-architect/vuls/config.Revision={{.Commit}}-{{ .CommitDate }}
  binary: vuls
-archive:
+
+- id: vuls-scanner
+  env:
+  - CGO_ENABLED=0
+  goos:
+  - linux
+  goarch:
+  - 386
+  - amd64
+  - arm
+  - arm64
+  main: ./cmd/scanner/main.go
+  flags:
+  - -a
+  - -tags=scanner
+  ldflags: 
+  - -s -w -X github.com/future-architect/vuls/config.Version={{.Version}} -X github.com/future-architect/vuls/config.Revision={{.Commit}}-{{ .CommitDate }}
+  binary: vuls-scanner
+
+- id: trivy-to-vuls
+  env:
+  - CGO_ENABLED=0
+  goos:
+  - linux
+  goarch:
+  - 386
+  - amd64
+  - arm
+  - arm64
+  main: ./contrib/trivy/cmd/main.go
+  binary: trivy-to-vuls
+
+- id: future-vuls
+  env:
+  - CGO_ENABLED=0
+  goos:
+  - linux
+  goarch:
+  - 386
+  - amd64
+  - arm
+  - arm64
+  flags:
+  - -a
+  - -tags=scanner
+  main: ./contrib/future-vuls/cmd/main.go
+  binary: future-vuls
+
+archives:
+
+- id: vuls
+  name_template: '{{ .Binary }}_{{.Version}}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}'
+  builds:
+  - vuls
+  format: tar.gz
+  files:
+  - LICENSE
+  - NOTICE
+  - README*
+  - CHANGELOG.md
+
+- id: vuls-scanner
+  name_template: '{{ .Binary }}_{{.Version}}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}'
+  builds:
+  - vuls-scanner
+  format: tar.gz
+  files:
+  - LICENSE
+  - NOTICE
+  - README*
+  - CHANGELOG.md
+
+- id: trivy-to-vuls
+  name_template: '{{ .Binary }}_{{.Version}}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}'
+  builds:
+  - trivy-to-vuls
+  format: tar.gz
+  files:
+  - LICENSE
+  - NOTICE
+  - README*
+  - CHANGELOG.md
+
+- id: future-vuls
+  name_template: '{{ .Binary }}_{{.Version}}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}'
+  builds:
+  - future-vuls
  format: tar.gz
-  name_template: '{{ .Binary }}_{{.Version}}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{
-    .Arm }}{{ end }}'
  files:
  - LICENSE
  - NOTICE
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,7 +0,0 @@
-language: go
-
-go:
-  - "1.13.x"
-
-after_success:
-  - test -n "$TRAVIS_TAG" && curl -sL https://git.io/goreleaser | bash
--- a/2
+++ b/2
@@ -11,7 +11,7 @@ COPY . $GOPATH/src/$REPOSITORY
 RUN cd $GOPATH/src/$REPOSITORY && make install


-FROM alpine:3.7
+FROM alpine:3.11

 MAINTAINER hikachan sadayuki-matsuno

--- a/26
+++ b/26
@@ -20,19 +20,26 @@ BUILDTIME := $(shell date "+%Y%m%d_%H%M%S")
 LDFLAGS := -X 'github.com/future-architect/vuls/config.Version=$(VERSION)' \
    -X 'github.com/future-architect/vuls/config.Revision=build-$(BUILDTIME)_$(REVISION)'
 GO := GO111MODULE=on go
+CGO_UNABLED := CGO_ENABLED=0 go
 GO_OFF := GO111MODULE=off go


 all: build

-build: main.go pretest fmt
-	$(GO) build -a -ldflags "$(LDFLAGS)" -o vuls $<
+build: ./cmd/vuls/main.go pretest fmt
+	$(GO) build -a -ldflags "$(LDFLAGS)" -o vuls ./cmd/vuls

-b: 	main.go pretest fmt
-	$(GO) build -ldflags "$(LDFLAGS)" -o vuls $<
+b: ./cmd/vuls/main.go 
+	$(GO) build -a -ldflags "$(LDFLAGS)" -o vuls ./cmd/vuls

-install: main.go pretest
-	$(GO) install -ldflags "$(LDFLAGS)"
+install: ./cmd/vuls/main.go pretest fmt
+	$(GO) install -ldflags "$(LDFLAGS)" ./cmd/vuls
+
+build-scanner: ./cmd/scanner/main.go pretest fmt
+	$(CGO_UNABLED) build -tags=scanner -a -ldflags "$(LDFLAGS)" -o vuls ./cmd/scanner
+
+install-scanner: ./cmd/scanner/main.go pretest fmt
+	$(CGO_UNABLED) install -tags=scanner -ldflags "$(LDFLAGS)" ./cmd/scanner

 lint:
 	$(GO_OFF) get -u golang.org/x/lint/golint
@@ -66,3 +73,10 @@ cov:
 clean:
 	echo $(PKGS) | xargs go clean || exit;

+# trivy-to-vuls
+build-trivy-to-vuls: pretest fmt
+	$(GO) build -o trivy-to-vuls contrib/trivy/cmd/*.go
+
+# future-vuls
+build-future-vuls: pretest fmt
+	$(GO) build -o future-vuls contrib/future-vuls/cmd/*.go
--- a/README.md
+++ b/README.md
@@ -9,7 +9,7 @@

 ![Vuls-logo](img/vuls_logo.png)

-Vulnerability scanner for Linux/FreeBSD, agentless, written in golang.
+Vulnerability scanner for Linux/FreeBSD, agent-less, written in Go.
 We have a slack team. [Join slack team](http://goo.gl/forms/xm5KFo35tu)
 Twitter: [@vuls_en](https://twitter.com/vuls_en)

@@ -23,20 +23,6 @@ Twitter: [@vuls_en](https://twitter.com/vuls_en)

 ----

-## NEWS
-
-| Version     | Main Feature |  Date |
-|:------------|:---------------------------------|:--------------------|
-| [v0.8.0](https://github.com/future-architect/vuls/releases/tag/v0.8.0) | secret | Coming soon |
-| [v0.7.0](https://github.com/future-architect/vuls/releases/tag/v0.7.0) | WordPress Vulnerability Scan | 2019/Apr/8 |
-| [v0.6.3](https://github.com/future-architect/vuls/releases/tag/v0.6.3) | GitHub Integration | 2019/Feb/20 |
-| [v0.6.2](https://github.com/future-architect/vuls/releases/tag/v0.6.2) | Add US-CERT/JPCERT Alerts as VulnSrc | 2019/Jan/23 |
-| [v0.6.1](https://github.com/future-architect/vuls/releases/tag/v0.6.1) | BugFix | 2018/Nov/16 |
-| [v0.6.0](https://github.com/future-architect/vuls/releases/tag/v0.6.0) | Add ExploitDB as VulnSrc | 2018/Nov/3 |
-| [v0.5.0](https://github.com/future-architect/vuls/releases/tag/v0.5.0) | Scan accuracy improvement | 2018/Aug/27 |
-
----
-
 ## Abstract

 For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden.
@@ -66,36 +52,47 @@ Vuls is a tool created to solve the problems listed above. It has the following

 - Alpine, Amazon Linux, CentOS, Debian, Oracle Linux, Raspbian, RHEL, SUSE Enterprise Linux, and Ubuntu
 - FreeBSD
- Cloud, on-premise, Docker Container and Docker Image
+- Cloud, on-premise, Running Docker Container

 ### High-quality scan

-Vuls uses multiple vulnerability databases
+- Vulnerability Database
+  - [NVD](https://nvd.nist.gov/)
+  - [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)

- [NVD](https://nvd.nist.gov/)
- [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)
 - OVAL
+  - [Red Hat](https://www.redhat.com/security/data/oval/)
  - [Debian](https://www.debian.org/security/oval/)
-  - [Oracle Linux](https://linux.oracle.com/security/oval/)
-  - [RedHat](https://www.redhat.com/security/data/oval/)
-  - [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
  - [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/)
+  - [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
+  - [Oracle Linux](https://linux.oracle.com/security/oval/)

- [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
- [Debian Security Bug Tracker](https://security-tracker.debian.org/tracker/)
- [Red Hat Security Advisories](https://access.redhat.com/security/security-updates/)
- Commands (yum, zypper, and pkg-audit)
-  - RHSA/ALAS/ELSA/FreeBSD-SA
- [Exploit Database](https://www.exploit-db.com/)
- [US-CERT](https://www.us-cert.gov/ncas/alerts)
- [JPCERT](http://www.jpcert.or.jp/at/2019.html)
- [WPVulnDB](https://wpvulndb.com/api)
- [Node.js Security Working Group](https://github.com/nodejs/security-wg)
- [Ruby Advisory Database](https://github.com/rubysec/ruby-advisory-db)
- [Safety DB(Python)](https://github.com/pyupio/safety-db)
- [PHP Security Advisories Database](https://github.com/FriendsOfPHP/security-advisories)
- [RustSec Advisory Database](https://github.com/RustSec/advisory-db)
- Changelog
+- Security Advisory
+  - [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
+  - [Red Hat Security Advisories](https://access.redhat.com/security/security-updates/)
+  - [Debian Security Bug Tracker](https://security-tracker.debian.org/tracker/)
+
+- Commands(yum, zypper, pkg-audit)
+  - RHSA / ALAS / ELSA / FreeBSD-SA
+  - Changelog
+
+- PoC, Exploit
+  - [Exploit Database](https://www.exploit-db.com/)
+  - [Metasploit-Framework modules](https://www.rapid7.com/db/?q=&type=metasploit)
+
+- CERT
+  - [US-CERT](https://www.us-cert.gov/ncas/alerts)
+  - [JPCERT](http://www.jpcert.or.jp/at/2019.html)
+
+- Libraries
+  - [Node.js Security Working Group](https://github.com/nodejs/security-wg)
+  - [Ruby Advisory Database](https://github.com/rubysec/ruby-advisory-db)
+  - [Safety DB(Python)](https://github.com/pyupio/safety-db)
+  - [PHP Security Advisories Database](https://github.com/FriendsOfPHP/security-advisories)
+  - [RustSec Advisory Database](https://github.com/RustSec/advisory-db)
+
+- WordPress
+  - [wpscan](https://wpscan.com/api)

 ### Scan mode

@@ -134,19 +131,6 @@ Vuls uses multiple vulnerability databases
 - It is possible to acquire the state of the server by connecting via SSH and executing the command.
 - Vuls warns when the scan target server was updated the kernel etc. but not restarting it.

-### **Static** Analysis
-
-**Image scan function is no longer supported from Vuls v0.9.5. Use Trivy directry**
-
-~~Vuls v0.8.0 can scan Docker images using [knqyf263/trivy](https://github.com/knqyf263/trivy).
-Following Registry supported.~~
-
- ~~ECR~~
- ~~GCR~~
- ~~Local Image~~
-
-~~For details, see [Scan docker image](https://vuls.io/docs/en/tutorial-scan-docker-image.html)~~  
-
 ### Scan vulnerabilities of non-OS-packages

 - Libraries of programming language
@@ -184,7 +168,7 @@ Vuls has some options to detect the vulnerabilities

 ## Document

-For more information such as Installation, Tutorial, Usage, visit [vuls.io](https://vuls.io/)
+For more information such as Installation, Tutorial, Usage, visit [vuls.io](https://vuls.io/)  
 [日本語翻訳ドキュメント](https://vuls.io/ja/)

 ----
@@ -193,11 +177,9 @@ For more information such as Installation, Tutorial, Usage, visit [vuls.io](http

 kotakanbe ([@kotakanbe](https://twitter.com/kotakanbe)) created vuls and [these fine people](https://github.com/future-architect/vuls/graphs/contributors) have contributed.

----
+## Contribute

-## Change Log
-
-Please see [CHANGELOG](https://github.com/future-architect/vuls/blob/master/CHANGELOG.md).
+see [vulsdoc](https://vuls.io/docs/en/how-to-contribute.html)

 ----

--- a/cache/bolt.go
+++ b/cache/bolt.go
@@ -141,7 +141,7 @@ func (b Bolt) PrettyPrint(meta Meta) error {
 	})
 }

-// GetChangelog get the changelgo of specified packName from the Bucket
+// GetChangelog get the changelog of specified packName from the Bucket
 func (b Bolt) GetChangelog(servername, packName string) (changelog string, err error) {
 	err = b.db.View(func(tx *bolt.Tx) error {
 		bkt := tx.Bucket([]byte(servername))
--- a/cache/bolt_test.go
+++ b/cache/bolt_test.go
@@ -46,7 +46,7 @@ func TestSetupBolt(t *testing.T) {
 		t.Errorf("Failed to open bolt: %s", err)
 	}

-	db.View(func(tx *bolt.Tx) error {
+	_ = db.View(func(tx *bolt.Tx) error {
 		bkt := tx.Bucket([]byte(metabucket))
 		if bkt == nil {
 			t.Errorf("Meta bucket nof found")
@@ -87,7 +87,7 @@ func TestEnsureBuckets(t *testing.T) {
 	if err != nil {
 		t.Errorf("Failed to open bolt: %s", err)
 	}
-	db.View(func(tx *bolt.Tx) error {
+	_ = db.View(func(tx *bolt.Tx) error {
 		bkt := tx.Bucket([]byte(servername))
 		if bkt == nil {
 			t.Errorf("Meta bucket nof found")
--- a/cmd/scanner/main.go
+++ b/cmd/scanner/main.go
@@ -0,0 +1,36 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+	"os"
+
+	"context"
+
+	"github.com/future-architect/vuls/config"
+	commands "github.com/future-architect/vuls/subcmds"
+	"github.com/google/subcommands"
+)
+
+func main() {
+	subcommands.Register(subcommands.HelpCommand(), "")
+	subcommands.Register(subcommands.FlagsCommand(), "")
+	subcommands.Register(subcommands.CommandsCommand(), "")
+	subcommands.Register(&commands.DiscoverCmd{}, "discover")
+	subcommands.Register(&commands.ScanCmd{}, "scan")
+	subcommands.Register(&commands.HistoryCmd{}, "history")
+	subcommands.Register(&commands.ConfigtestCmd{}, "configtest")
+	subcommands.Register(&commands.SaaSCmd{}, "saas")
+
+	var v = flag.Bool("v", false, "Show version")
+
+	flag.Parse()
+
+	if *v {
+		fmt.Printf("vuls %s %s\n", config.Version, config.Revision)
+		os.Exit(int(subcommands.ExitSuccess))
+	}
+
+	ctx := context.Background()
+	os.Exit(int(subcommands.Execute(ctx)))
+}
--- a/cmd/vuls/main.go
+++ b/cmd/vuls/main.go
@@ -7,8 +7,8 @@ import (

 	"context"

-	"github.com/future-architect/vuls/commands"
 	"github.com/future-architect/vuls/config"
+	commands "github.com/future-architect/vuls/subcmds"
 	"github.com/google/subcommands"
 )

@@ -29,7 +29,7 @@ func main() {
 	flag.Parse()

 	if *v {
-		fmt.Printf("vuls %s %s\n", config.Version, config.Revision)
+		fmt.Printf("vuls-%s-%s\n", config.Version, config.Revision)
 		os.Exit(int(subcommands.ExitSuccess))
 	}

--- a/commands/server.go
+++ b/commands/server.go
@@ -1,223 +0,0 @@
-package commands
-
-import (
-	"context"
-	"flag"
-	"fmt"
-	"net/http"
-	"os"
-	"path/filepath"
-
-	// "github.com/future-architect/vuls/Server"
-
-	c "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/exploit"
-	"github.com/future-architect/vuls/gost"
-	"github.com/future-architect/vuls/oval"
-	"github.com/future-architect/vuls/report"
-	"github.com/future-architect/vuls/server"
-	"github.com/future-architect/vuls/util"
-	"github.com/google/subcommands"
-	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
-)
-
-// ServerCmd is subcommand for server
-type ServerCmd struct {
-	configPath  string
-	listen      string
-	cveDict     c.GoCveDictConf
-	ovalDict    c.GovalDictConf
-	gostConf    c.GostConf
-	exploitConf c.ExploitConf
-}
-
-// Name return subcommand name
-func (*ServerCmd) Name() string { return "server" }
-
-// Synopsis return synopsis
-func (*ServerCmd) Synopsis() string { return "Server" }
-
-// Usage return usage
-func (*ServerCmd) Usage() string {
-	return `Server:
-	Server
-		[-lang=en|ja]
-		[-config=/path/to/config.toml]
-		[-log-dir=/path/to/log]
-		[-cvss-over=7]
-		[-ignore-unscored-cves]
-		[-ignore-unfixed]
-		[-to-localfile]
-		[-format-json]
-		[-http-proxy=http://192.168.0.1:8080]
-		[-debug]
-		[-debug-sql]
-		[-listen=localhost:5515]
-		[-cvedb-type=sqlite3|mysql|postgres|redis|http]
-		[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
-		[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
-		[-ovaldb-type=sqlite3|mysql|redis|http]
-		[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
-		[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
-		[-gostdb-type=sqlite3|mysql|redis|http]
-		[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
-		[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
-		[-exploitdb-type=sqlite3|mysql|redis|http]
-		[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
-		[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]
-
-		[RFC3339 datetime format under results dir]
-`
-}
-
-// SetFlags set flag
-func (p *ServerCmd) SetFlags(f *flag.FlagSet) {
-	f.StringVar(&c.Conf.Lang, "lang", "en", "[en|ja]")
-	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
-	f.BoolVar(&c.Conf.DebugSQL, "debug-sql", false, "SQL debug mode")
-
-	wd, _ := os.Getwd()
-	f.StringVar(&p.configPath, "config", "", "/path/to/toml")
-
-	defaultResultsDir := filepath.Join(wd, "results")
-	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")
-
-	defaultLogDir := util.GetDefaultLogDir()
-	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")
-
-	f.Float64Var(&c.Conf.CvssScoreOver, "cvss-over", 0,
-		"-cvss-over=6.5 means Servering CVSS Score 6.5 and over (default: 0 (means Server all))")
-
-	f.BoolVar(&c.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false,
-		"Don't Server the unscored CVEs")
-
-	f.BoolVar(&c.Conf.IgnoreUnfixed, "ignore-unfixed", false,
-		"Don't Server the unfixed CVEs")
-
-	f.StringVar(&c.Conf.HTTPProxy, "http-proxy", "",
-		"http://proxy-url:port (default: empty)")
-
-	f.BoolVar(&c.Conf.FormatJSON, "format-json", false, "JSON format")
-
-	f.BoolVar(&c.Conf.ToLocalFile, "to-localfile", false, "Write report to localfile")
-	f.StringVar(&p.listen, "listen", "localhost:5515",
-		"host:port (default: localhost:5515)")
-
-	f.StringVar(&p.cveDict.Type, "cvedb-type", "",
-		"DB type of go-cve-dictionary (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.cveDict.SQLite3Path, "cvedb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.cveDict.URL, "cvedb-url", "",
-		"http://go-cve-dictionary.com:1323 or DB connection string")
-
-	f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
-		"DB type of goval-dictionary (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.ovalDict.URL, "ovaldb-url", "",
-		"http://goval-dictionary.com:1324 or DB connection string")
-
-	f.StringVar(&p.gostConf.Type, "gostdb-type", "",
-		"DB type of gost (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.gostConf.SQLite3Path, "gostdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.gostConf.URL, "gostdb-url", "",
-		"http://gost.com:1325 or DB connection string")
-
-	f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
-		"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
-	f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
-	f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
-		"http://exploit.com:1326 or DB connection string")
-}
-
-// Execute execute
-func (p *ServerCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
-	util.Log = util.NewCustomLogger(c.ServerInfo{})
-	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
-
-	if p.configPath != "" {
-		if err := c.Load(p.configPath, ""); err != nil {
-			util.Log.Errorf("Error loading %s. err: %+v", p.configPath, err)
-			return subcommands.ExitUsageError
-		}
-	}
-
-	c.Conf.CveDict.Overwrite(p.cveDict)
-	c.Conf.OvalDict.Overwrite(p.ovalDict)
-	c.Conf.Gost.Overwrite(p.gostConf)
-	c.Conf.Exploit.Overwrite(p.exploitConf)
-
-	util.Log.Info("Validating config...")
-	if !c.Conf.ValidateOnReport() {
-		return subcommands.ExitUsageError
-	}
-
-	util.Log.Info("Validating db config...")
-	if !c.Conf.ValidateOnReportDB() {
-		return subcommands.ExitUsageError
-	}
-
-	if c.Conf.CveDict.URL != "" {
-		if err := report.CveClient.CheckHealth(); err != nil {
-			util.Log.Errorf("CVE HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.OvalDict.URL != "" {
-		err := oval.Base{}.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
-			util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.Gost.URL != "" {
-		util.Log.Infof("gost: %s", c.Conf.Gost.URL)
-		err := gost.Base{}.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("gost HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
-			return subcommands.ExitFailure
-		}
-	}
-
-	if c.Conf.Exploit.URL != "" {
-		err := exploit.CheckHTTPHealth()
-		if err != nil {
-			util.Log.Errorf("exploit HTTP server is not running. err: %+v", err)
-			util.Log.Errorf("Run go-exploitdb as server mode before reporting")
-			return subcommands.ExitFailure
-		}
-	}
-
-	dbclient, locked, err := report.NewDBClient(report.DBClientConf{
-		CveDictCnf:  c.Conf.CveDict,
-		OvalDictCnf: c.Conf.OvalDict,
-		GostCnf:     c.Conf.Gost,
-		ExploitCnf:  c.Conf.Exploit,
-		DebugSQL:    c.Conf.DebugSQL,
-	})
-	if locked {
-		util.Log.Errorf("SQLite3 is locked. Close other DB connections and try again: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	if err != nil {
-		util.Log.Errorf("Failed to init DB Clients. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-
-	defer dbclient.CloseDB()
-
-	http.Handle("/vuls", server.VulsHandler{DBclient: *dbclient})
-	http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
-		fmt.Fprintf(w, "ok")
-	})
-	util.Log.Infof("Listening on %s", p.listen)
-	if err := http.ListenAndServe(p.listen, nil); err != nil {
-		util.Log.Errorf("Failed to start server. err: %+v", err)
-		return subcommands.ExitFailure
-	}
-	return subcommands.ExitSuccess
-}
--- a/config/chatworkconf.go
+++ b/config/chatworkconf.go
@@ -0,0 +1,32 @@
+package config
+
+import (
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// ChatWorkConf is ChatWork config
+type ChatWorkConf struct {
+	APIToken string `json:"-"`
+	Room     string `json:"-"`
+}
+
+// Validate validates configuration
+func (c *ChatWorkConf) Validate() (errs []error) {
+	if !Conf.ToChatWork {
+		return
+	}
+	if len(c.Room) == 0 {
+		errs = append(errs, xerrors.New("chatWorkConf.room must not be empty"))
+	}
+
+	if len(c.APIToken) == 0 {
+		errs = append(errs, xerrors.New("chatWorkConf.ApiToken must not be empty"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}
--- a/config/config.go
+++ b/config/config.go
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -63,7 +63,7 @@ func TestSyslogConfValidate(t *testing.T) {
 	}
 }

-func TestMajorVersion(t *testing.T) {
+func TestDistro_MajorVersion(t *testing.T) {
 	var tests = []struct {
 		in  Distro
 		out int
--- a/config/exploitconf.go
+++ b/config/exploitconf.go
@@ -0,0 +1,74 @@
+package config
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/parnurzeal/gorequest"
+	"golang.org/x/xerrors"
+)
+
+// ExploitConf is exploit config
+type ExploitConf struct {
+	// DB type for exploit dictionary (sqlite3, mysql, postgres or redis)
+	Type string
+
+	// http://exploit-dictionary.com:1324 or DB connection string
+	URL string `json:"-"`
+
+	// /path/to/exploit.sqlite3
+	SQLite3Path string `json:"-"`
+}
+
+func (cnf *ExploitConf) setDefault() {
+	if cnf.Type == "" {
+		cnf.Type = "sqlite3"
+	}
+	if cnf.URL == "" && cnf.SQLite3Path == "" {
+		wd, _ := os.Getwd()
+		cnf.SQLite3Path = filepath.Join(wd, "go-exploitdb.sqlite3")
+	}
+}
+
+const exploitDBType = "EXPLOITDB_TYPE"
+const exploitDBURL = "EXPLOITDB_URL"
+const exploitDBPATH = "EXPLOITDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *ExploitConf) Init() {
+	if os.Getenv(exploitDBType) != "" {
+		cnf.Type = os.Getenv(exploitDBType)
+	}
+	if os.Getenv(exploitDBURL) != "" {
+		cnf.URL = os.Getenv(exploitDBURL)
+	}
+	if os.Getenv(exploitDBPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(exploitDBPATH)
+	}
+	cnf.setDefault()
+}
+
+// IsFetchViaHTTP returns wether fetch via http
+func (cnf *ExploitConf) IsFetchViaHTTP() bool {
+	return Conf.Exploit.Type == "http"
+}
+
+// CheckHTTPHealth do health check
+func (cnf *ExploitConf) CheckHTTPHealth() error {
+	if !cnf.IsFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.URL)
+	resp, _, errs := gorequest.New().Timeout(10 * time.Second).Get(url).End()
+	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return xerrors.Errorf("Failed to connect to exploit server. url: %s, errs: %s", url, errs)
+	}
+	return nil
+}
--- a/config/gocvedictconf.go
+++ b/config/gocvedictconf.go
@@ -0,0 +1,74 @@
+package config
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/parnurzeal/gorequest"
+	"golang.org/x/xerrors"
+)
+
+// GoCveDictConf is go-cve-dictionary config
+type GoCveDictConf struct {
+	// DB type of CVE dictionary (sqlite3, mysql, postgres or redis)
+	Type string
+
+	// http://cve-dictionary.com:1323 or DB connection string
+	URL string `json:"-"`
+
+	// /path/to/cve.sqlite3
+	SQLite3Path string `json:"-"`
+}
+
+func (cnf *GoCveDictConf) setDefault() {
+	if cnf.Type == "" {
+		cnf.Type = "sqlite3"
+	}
+	if cnf.URL == "" && cnf.SQLite3Path == "" {
+		wd, _ := os.Getwd()
+		cnf.SQLite3Path = filepath.Join(wd, "cve.sqlite3")
+	}
+}
+
+const cveDBType = "CVEDB_TYPE"
+const cveDBURL = "CVEDB_URL"
+const cveDBPATH = "CVEDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *GoCveDictConf) Init() {
+	if os.Getenv(cveDBType) != "" {
+		cnf.Type = os.Getenv(cveDBType)
+	}
+	if os.Getenv(cveDBURL) != "" {
+		cnf.URL = os.Getenv(cveDBURL)
+	}
+	if os.Getenv(cveDBPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(cveDBPATH)
+	}
+	cnf.setDefault()
+}
+
+// IsFetchViaHTTP returns wether fetch via http
+func (cnf *GoCveDictConf) IsFetchViaHTTP() bool {
+	return Conf.CveDict.Type == "http"
+}
+
+// CheckHTTPHealth checks http server status
+func (cnf *GoCveDictConf) CheckHTTPHealth() error {
+	if !cnf.IsFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.URL)
+	resp, _, errs := gorequest.New().Timeout(10 * time.Second).SetDebug(Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return xerrors.Errorf("Failed to request to CVE server. url: %s, errs: %s",
+			url, errs)
+	}
+	return nil
+}
--- a/config/gostconf.go
+++ b/config/gostconf.go
@@ -0,0 +1,74 @@
+package config
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/parnurzeal/gorequest"
+	"golang.org/x/xerrors"
+)
+
+// GostConf is gost config
+type GostConf struct {
+	// DB type for gost dictionary (sqlite3, mysql, postgres or redis)
+	Type string
+
+	// http://gost-dictionary.com:1324 or DB connection string
+	URL string `json:"-"`
+
+	// /path/to/gost.sqlite3
+	SQLite3Path string `json:"-"`
+}
+
+func (cnf *GostConf) setDefault() {
+	if cnf.Type == "" {
+		cnf.Type = "sqlite3"
+	}
+	if cnf.URL == "" && cnf.SQLite3Path == "" {
+		wd, _ := os.Getwd()
+		cnf.SQLite3Path = filepath.Join(wd, "gost.sqlite3")
+	}
+}
+
+const gostDBType = "GOSTDB_TYPE"
+const gostDBURL = "GOSTDB_URL"
+const gostDBPATH = "GOSTDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *GostConf) Init() {
+	if os.Getenv(gostDBType) != "" {
+		cnf.Type = os.Getenv(gostDBType)
+	}
+	if os.Getenv(gostDBURL) != "" {
+		cnf.URL = os.Getenv(gostDBURL)
+	}
+	if os.Getenv(gostDBPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(gostDBPATH)
+	}
+	cnf.setDefault()
+}
+
+// IsFetchViaHTTP returns wether fetch via http
+func (cnf *GostConf) IsFetchViaHTTP() bool {
+	return Conf.Gost.Type == "http"
+}
+
+// CheckHTTPHealth do health check
+func (cnf *GostConf) CheckHTTPHealth() error {
+	if !cnf.IsFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.URL)
+	resp, _, errs := gorequest.New().Timeout(10 * time.Second).Get(url).End()
+	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return xerrors.Errorf("Failed to connect to gost server. url: %s, errs: %s", url, errs)
+	}
+	return nil
+}
--- a/config/govaldictconf.go
+++ b/config/govaldictconf.go
@@ -0,0 +1,76 @@
+package config
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/parnurzeal/gorequest"
+	"golang.org/x/xerrors"
+)
+
+// GovalDictConf is goval-dictionary config
+type GovalDictConf struct {
+
+	// DB type of OVAL dictionary (sqlite3, mysql, postgres or redis)
+	Type string
+
+	// http://goval-dictionary.com:1324 or DB connection string
+	URL string `json:"-"`
+
+	// /path/to/oval.sqlite3
+	SQLite3Path string `json:"-"`
+}
+
+func (cnf *GovalDictConf) setDefault() {
+	if cnf.Type == "" {
+		cnf.Type = "sqlite3"
+	}
+	if cnf.URL == "" && cnf.SQLite3Path == "" {
+		wd, _ := os.Getwd()
+		cnf.SQLite3Path = filepath.Join(wd, "oval.sqlite3")
+	}
+}
+
+const govalType = "OVALDB_TYPE"
+const govalURL = "OVALDB_URL"
+const govalPATH = "OVALDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *GovalDictConf) Init() {
+	if os.Getenv(govalType) != "" {
+		cnf.Type = os.Getenv(govalType)
+	}
+	if os.Getenv(govalURL) != "" {
+		cnf.URL = os.Getenv(govalURL)
+	}
+	if os.Getenv(govalPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(govalPATH)
+	}
+	cnf.setDefault()
+}
+
+// IsFetchViaHTTP returns wether fetch via http
+func (cnf *GovalDictConf) IsFetchViaHTTP() bool {
+	return Conf.OvalDict.Type == "http"
+}
+
+// CheckHTTPHealth do health check
+func (cnf *GovalDictConf) CheckHTTPHealth() error {
+	if !cnf.IsFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.URL)
+	resp, _, errs := gorequest.New().Timeout(10 * time.Second).Get(url).End()
+	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return xerrors.Errorf("Failed to request to OVAL server. url: %s, errs: %s",
+			url, errs)
+	}
+	return nil
+}
--- a/config/httpconf.go
+++ b/config/httpconf.go
@@ -0,0 +1,38 @@
+package config
+
+import (
+	"os"
+
+	"github.com/asaskevich/govalidator"
+)
+
+// HTTPConf is HTTP config
+type HTTPConf struct {
+	URL string `valid:"url" json:"-"`
+}
+
+// Validate validates configuration
+func (c *HTTPConf) Validate() (errs []error) {
+	if !Conf.ToHTTP {
+		return nil
+	}
+
+	if _, err := govalidator.ValidateStruct(c); err != nil {
+		errs = append(errs, err)
+	}
+	return errs
+}
+
+const httpKey = "VULS_HTTP_URL"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (c *HTTPConf) Init(toml HTTPConf) {
+	if os.Getenv(httpKey) != "" {
+		c.URL = os.Getenv(httpKey)
+	}
+	if toml.URL != "" {
+		c.URL = toml.URL
+	}
+}
--- a/config/metasploitconf.go
+++ b/config/metasploitconf.go
@@ -0,0 +1,73 @@
+package config
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/parnurzeal/gorequest"
+	"golang.org/x/xerrors"
+)
+
+// MetasploitConf is metasploit config
+type MetasploitConf struct {
+	// DB type for metasploit dictionary (sqlite3, mysql, postgres or redis)
+	Type string
+
+	// http://metasploit-dictionary.com:1324 or DB connection string
+	URL string `json:"-"`
+
+	// /path/to/metasploit.sqlite3
+	SQLite3Path string `json:"-"`
+}
+
+func (cnf *MetasploitConf) setDefault() {
+	if cnf.Type == "" {
+		cnf.Type = "sqlite3"
+	}
+	if cnf.URL == "" && cnf.SQLite3Path == "" {
+		wd, _ := os.Getwd()
+		cnf.SQLite3Path = filepath.Join(wd, "go-msfdb.sqlite3")
+	}
+}
+
+const metasploitDBType = "METASPLOITDB_TYPE"
+const metasploitDBURL = "METASPLOITDB_URL"
+const metasploitDBPATH = "METASPLOITDB_SQLITE3_PATH"
+
+// Init set options with the following priority.
+// 1. Environment variable
+// 2. config.toml
+func (cnf *MetasploitConf) Init() {
+	if os.Getenv(metasploitDBType) != "" {
+		cnf.Type = os.Getenv(metasploitDBType)
+	}
+	if os.Getenv(metasploitDBURL) != "" {
+		cnf.URL = os.Getenv(metasploitDBURL)
+	}
+	if os.Getenv(metasploitDBPATH) != "" {
+		cnf.SQLite3Path = os.Getenv(metasploitDBPATH)
+	}
+	cnf.setDefault()
+}
+
+// IsFetchViaHTTP returns wether fetch via http
+func (cnf *MetasploitConf) IsFetchViaHTTP() bool {
+	return Conf.Metasploit.Type == "http"
+}
+
+// CheckHTTPHealth do health check
+func (cnf *MetasploitConf) CheckHTTPHealth() error {
+	if !cnf.IsFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.URL)
+	resp, _, errs := gorequest.New().Get(url).End()
+	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return xerrors.Errorf("Failed to connect to metasploit server. url: %s, errs: %s", url, errs)
+	}
+	return nil
+}
--- a/config/os.go
+++ b/config/os.go
@@ -0,0 +1,249 @@
+package config
+
+import (
+	"fmt"
+	"strings"
+	"time"
+)
+
+const (
+	// RedHat is
+	RedHat = "redhat"
+
+	// Debian is
+	Debian = "debian"
+
+	// Ubuntu is
+	Ubuntu = "ubuntu"
+
+	// CentOS is
+	CentOS = "centos"
+
+	// Fedora is
+	// Fedora = "fedora"
+
+	// Amazon is
+	Amazon = "amazon"
+
+	// Oracle is
+	Oracle = "oracle"
+
+	// FreeBSD is
+	FreeBSD = "freebsd"
+
+	// Raspbian is
+	Raspbian = "raspbian"
+
+	// Windows is
+	Windows = "windows"
+
+	// OpenSUSE is
+	OpenSUSE = "opensuse"
+
+	// OpenSUSELeap is
+	OpenSUSELeap = "opensuse.leap"
+
+	// SUSEEnterpriseServer is
+	SUSEEnterpriseServer = "suse.linux.enterprise.server"
+
+	// SUSEEnterpriseDesktop is
+	SUSEEnterpriseDesktop = "suse.linux.enterprise.desktop"
+
+	// SUSEOpenstackCloud is
+	SUSEOpenstackCloud = "suse.openstack.cloud"
+
+	// Alpine is
+	Alpine = "alpine"
+
+	// ServerTypePseudo is used for ServerInfo.Type, r.Family
+	ServerTypePseudo = "pseudo"
+)
+
+// EOL has End-of-Life information
+type EOL struct {
+	StandardSupportUntil time.Time
+	ExtendedSupportUntil time.Time
+	Ended                bool
+}
+
+// IsStandardSupportEnded checks now is under standard support
+func (e EOL) IsStandardSupportEnded(now time.Time) bool {
+	return e.Ended ||
+		!e.ExtendedSupportUntil.IsZero() && e.StandardSupportUntil.IsZero() ||
+		!e.StandardSupportUntil.IsZero() && now.After(e.StandardSupportUntil)
+}
+
+// IsExtendedSuppportEnded checks now is under extended support
+func (e EOL) IsExtendedSuppportEnded(now time.Time) bool {
+	if e.Ended {
+		return true
+	}
+	if e.StandardSupportUntil.IsZero() && e.ExtendedSupportUntil.IsZero() {
+		return false
+	}
+	return !e.ExtendedSupportUntil.IsZero() && now.After(e.ExtendedSupportUntil) ||
+		e.ExtendedSupportUntil.IsZero() && now.After(e.StandardSupportUntil)
+}
+
+// GetEOL return EOL information for the OS-release passed by args
+// https://github.com/aquasecurity/trivy/blob/master/pkg/detector/ospkg/redhat/redhat.go#L20
+func GetEOL(family, release string) (eol EOL, found bool) {
+	switch family {
+	case Amazon:
+		rel := "2"
+		if isAmazonLinux1(release) {
+			rel = "1"
+		}
+		eol, found = map[string]EOL{
+			"1": {StandardSupportUntil: time.Date(2023, 6, 30, 23, 59, 59, 0, time.UTC)},
+			"2": {},
+		}[rel]
+	case RedHat:
+		// https://access.redhat.com/support/policy/updates/errata
+		eol, found = map[string]EOL{
+			"3": {Ended: true},
+			"4": {Ended: true},
+			"5": {Ended: true},
+			"6": {
+				StandardSupportUntil: time.Date(2020, 11, 30, 23, 59, 59, 0, time.UTC),
+				ExtendedSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC),
+			},
+			"7": {
+				StandardSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC),
+			},
+			"8": {
+				StandardSupportUntil: time.Date(2029, 5, 31, 23, 59, 59, 0, time.UTC),
+			},
+		}[major(release)]
+	case CentOS:
+		// https://en.wikipedia.org/wiki/CentOS#End-of-support_schedule
+		// TODO Stream
+		eol, found = map[string]EOL{
+			"3": {Ended: true},
+			"4": {Ended: true},
+			"5": {Ended: true},
+			"6": {Ended: true},
+			"7": {StandardSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC)},
+			"8": {StandardSupportUntil: time.Date(2021, 12, 31, 23, 59, 59, 0, time.UTC)},
+		}[major(release)]
+	case Oracle:
+		eol, found = map[string]EOL{
+			// Source:
+			// https://www.oracle.com/a/ocom/docs/elsp-lifetime-069338.pdf
+			// https://community.oracle.com/docs/DOC-917964
+			"3": {Ended: true},
+			"4": {Ended: true},
+			"5": {Ended: true},
+			"6": {
+				StandardSupportUntil: time.Date(2021, 3, 1, 23, 59, 59, 0, time.UTC),
+				ExtendedSupportUntil: time.Date(2024, 3, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"7": {
+				StandardSupportUntil: time.Date(2024, 7, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"8": {
+				StandardSupportUntil: time.Date(2029, 7, 1, 23, 59, 59, 0, time.UTC),
+			},
+		}[major(release)]
+	case Debian:
+		eol, found = map[string]EOL{
+			// https://wiki.debian.org/LTS
+			"6":  {Ended: true},
+			"7":  {Ended: true},
+			"8":  {Ended: true},
+			"9":  {StandardSupportUntil: time.Date(2022, 6, 30, 23, 59, 59, 0, time.UTC)},
+			"10": {StandardSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC)},
+		}[major(release)]
+	case Raspbian:
+		// Not found
+		eol, found = map[string]EOL{}[major(release)]
+	case Ubuntu:
+		// https://wiki.ubuntu.com/Releases
+		eol, found = map[string]EOL{
+			"14.10": {Ended: true},
+			"14.04": {
+				ExtendedSupportUntil: time.Date(2022, 4, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"15.04": {Ended: true},
+			"16.10": {Ended: true},
+			"17.04": {Ended: true},
+			"17.10": {Ended: true},
+			"16.04": {
+				StandardSupportUntil: time.Date(2021, 4, 1, 23, 59, 59, 0, time.UTC),
+				ExtendedSupportUntil: time.Date(2024, 4, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"18.04": {
+				StandardSupportUntil: time.Date(2023, 4, 1, 23, 59, 59, 0, time.UTC),
+				ExtendedSupportUntil: time.Date(2028, 4, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"18.10": {Ended: true},
+			"19.04": {Ended: true},
+			"19.10": {Ended: true},
+			"20.04": {
+				StandardSupportUntil: time.Date(2025, 4, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"21.04": {
+				StandardSupportUntil: time.Date(2022, 1, 1, 23, 59, 59, 0, time.UTC),
+			},
+			"21.10": {
+				StandardSupportUntil: time.Date(2022, 7, 1, 23, 59, 59, 0, time.UTC),
+			},
+		}[release]
+	case SUSEEnterpriseServer:
+		//TODO
+	case Alpine:
+		// https://github.com/aquasecurity/trivy/blob/master/pkg/detector/ospkg/alpine/alpine.go#L19
+		// https://wiki.alpinelinux.org/wiki/Alpine_Linux:Releases
+		eol, found = map[string]EOL{
+			"2.0":  {Ended: true},
+			"2.1":  {Ended: true},
+			"2.2":  {Ended: true},
+			"2.3":  {Ended: true},
+			"2.4":  {Ended: true},
+			"2.5":  {Ended: true},
+			"2.6":  {Ended: true},
+			"2.7":  {Ended: true},
+			"3.0":  {Ended: true},
+			"3.1":  {Ended: true},
+			"3.2":  {Ended: true},
+			"3.3":  {Ended: true},
+			"3.4":  {Ended: true},
+			"3.5":  {Ended: true},
+			"3.6":  {Ended: true},
+			"3.7":  {Ended: true},
+			"3.8":  {Ended: true},
+			"3.9":  {Ended: true},
+			"3.10": {StandardSupportUntil: time.Date(2021, 5, 1, 23, 59, 59, 0, time.UTC)},
+			"3.11": {StandardSupportUntil: time.Date(2021, 11, 1, 23, 59, 59, 0, time.UTC)},
+			"3.12": {StandardSupportUntil: time.Date(2022, 5, 1, 23, 59, 59, 0, time.UTC)},
+			"3.13": {StandardSupportUntil: time.Date(2022, 11, 1, 23, 59, 59, 0, time.UTC)},
+		}[majorDotMinor(release)]
+	case FreeBSD:
+		// https://www.freebsd.org/security/
+		eol, found = map[string]EOL{
+			"7":  {Ended: true},
+			"8":  {Ended: true},
+			"9":  {Ended: true},
+			"10": {Ended: true},
+			"11": {StandardSupportUntil: time.Date(2021, 9, 30, 23, 59, 59, 0, time.UTC)},
+			"12": {StandardSupportUntil: time.Date(2024, 6, 30, 23, 59, 59, 0, time.UTC)},
+		}[major(release)]
+	}
+	return
+}
+
+func major(osVer string) (majorVersion string) {
+	return strings.Split(osVer, ".")[0]
+}
+
+func majorDotMinor(osVer string) (majorDotMinor string) {
+	ss := strings.SplitN(osVer, ".", 3)
+	if len(ss) == 1 {
+		return osVer
+	}
+	return fmt.Sprintf("%s.%s", ss[0], ss[1])
+}
+
+func isAmazonLinux1(osRelease string) bool {
+	return len(strings.Fields(osRelease)) == 1
+}
--- a/config/os_test.go
+++ b/config/os_test.go
@@ -0,0 +1,373 @@
+package config
+
+import (
+	"testing"
+	"time"
+)
+
+func TestEOL_IsStandardSupportEnded(t *testing.T) {
+	type fields struct {
+		family  string
+		release string
+	}
+	tests := []struct {
+		name     string
+		fields   fields
+		now      time.Time
+		found    bool
+		stdEnded bool
+		extEnded bool
+	}{
+		// Amazon Linux
+		{
+			name:     "amazon linux 1 supported",
+			fields:   fields{family: Amazon, release: "2018.03"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "amazon linux 1 eol on 2023-6-30",
+			fields:   fields{family: Amazon, release: "2018.03"},
+			now:      time.Date(2023, 7, 1, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "amazon linux 2 supported",
+			fields:   fields{family: Amazon, release: "2 (Karoo)"},
+			now:      time.Date(2023, 7, 1, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		//RHEL
+		{
+			name:     "RHEL7 supported",
+			fields:   fields{family: RedHat, release: "7"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "RHEL8 supported",
+			fields:   fields{family: RedHat, release: "8"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "RHEL6 eol",
+			fields:   fields{family: RedHat, release: "6"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "RHEL9 not found",
+			fields:   fields{family: RedHat, release: "9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		//CentOS
+		{
+			name:     "CentOS 7 supported",
+			fields:   fields{family: CentOS, release: "7"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "CentOS 8 supported",
+			fields:   fields{family: CentOS, release: "8"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "CentOS 6 eol",
+			fields:   fields{family: CentOS, release: "6"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "CentOS 9 not found",
+			fields:   fields{family: CentOS, release: "9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		//Oracle
+		{
+			name:     "Oracle Linux 7 supported",
+			fields:   fields{family: Oracle, release: "7"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Oracle Linux 8 supported",
+			fields:   fields{family: Oracle, release: "8"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Oracle Linux 6 eol",
+			fields:   fields{family: Oracle, release: "6"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Oracle Linux 9 not found",
+			fields:   fields{family: Oracle, release: "9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		//Ubuntu
+		{
+			name:     "Ubuntu 18.04 supported",
+			fields:   fields{family: Ubuntu, release: "18.04"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 18.04 ext supported",
+			fields:   fields{family: Ubuntu, release: "18.04"},
+			now:      time.Date(2025, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 16.04 supported",
+			fields:   fields{family: Ubuntu, release: "18.04"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 14.04 eol",
+			fields:   fields{family: Ubuntu, release: "14.04"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 14.10 eol",
+			fields:   fields{family: Ubuntu, release: "14.10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "Ubuntu 12.10 not found",
+			fields:   fields{family: Ubuntu, release: "12.10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			found:    false,
+			stdEnded: false,
+			extEnded: false,
+		},
+		{
+			name:     "Ubuntu 21.04 supported",
+			fields:   fields{family: Ubuntu, release: "21.04"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			found:    true,
+			stdEnded: false,
+			extEnded: false,
+		},
+		//Debian
+		{
+			name:     "Debian 9 supported",
+			fields:   fields{family: Debian, release: "9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Debian 10 supported",
+			fields:   fields{family: Debian, release: "10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Debian 8 supported",
+			fields:   fields{family: Debian, release: "8"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "Debian 11 supported",
+			fields:   fields{family: Debian, release: "11"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		//alpine
+		{
+			name:     "alpine 3.10 supported",
+			fields:   fields{family: Alpine, release: "3.10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Alpine 3.11 supported",
+			fields:   fields{family: Alpine, release: "3.11"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Alpine 3.12 supported",
+			fields:   fields{family: Alpine, release: "3.12"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "Alpine 3.9 eol",
+			fields:   fields{family: Alpine, release: "3.9"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "Alpine 3.14 not found",
+			fields:   fields{family: Alpine, release: "3.14"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    false,
+		},
+		// freebsd
+		{
+			name:     "freebsd 11 supported",
+			fields:   fields{family: FreeBSD, release: "11"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "freebsd 11 eol on 2021-9-30",
+			fields:   fields{family: FreeBSD, release: "11"},
+			now:      time.Date(2021, 10, 1, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+		{
+			name:     "freebsd 12 supported",
+			fields:   fields{family: FreeBSD, release: "12"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: false,
+			extEnded: false,
+			found:    true,
+		},
+		{
+			name:     "freebsd 10 eol",
+			fields:   fields{family: FreeBSD, release: "10"},
+			now:      time.Date(2021, 1, 6, 23, 59, 59, 0, time.UTC),
+			stdEnded: true,
+			extEnded: true,
+			found:    true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			eol, found := GetEOL(tt.fields.family, tt.fields.release)
+			if found != tt.found {
+				t.Errorf("GetEOL.found = %v, want %v", found, tt.found)
+			}
+			if found {
+				if got := eol.IsStandardSupportEnded(tt.now); got != tt.stdEnded {
+					t.Errorf("EOL.IsStandardSupportEnded() = %v, want %v", got, tt.stdEnded)
+				}
+				if got := eol.IsExtendedSuppportEnded(tt.now); got != tt.extEnded {
+					t.Errorf("EOL.IsExtendedSupportEnded() = %v, want %v", got, tt.extEnded)
+				}
+			}
+		})
+	}
+}
+
+func Test_majorDotMinor(t *testing.T) {
+	type args struct {
+		osVer string
+	}
+	tests := []struct {
+		name              string
+		args              args
+		wantMajorDotMinor string
+	}{
+		{
+			name: "empty",
+			args: args{
+				osVer: "",
+			},
+			wantMajorDotMinor: "",
+		},
+		{
+			name: "major",
+			args: args{
+				osVer: "3",
+			},
+			wantMajorDotMinor: "3",
+		},
+		{
+			name: "major dot minor",
+			args: args{
+				osVer: "3.1",
+			},
+			wantMajorDotMinor: "3.1",
+		},
+		{
+			name: "major dot minor dot release",
+			args: args{
+				osVer: "3.1.4",
+			},
+			wantMajorDotMinor: "3.1",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if gotMajorDotMinor := majorDotMinor(tt.args.osVer); gotMajorDotMinor != tt.wantMajorDotMinor {
+				t.Errorf("majorDotMinor() = %v, want %v", gotMajorDotMinor, tt.wantMajorDotMinor)
+			}
+		})
+	}
+}
--- a/config/saasconf.go
+++ b/config/saasconf.go
@@ -0,0 +1,34 @@
+package config
+
+import (
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// SaasConf is FutureVuls config
+type SaasConf struct {
+	GroupID int64  `json:"-"`
+	Token   string `json:"-"`
+	URL     string `json:"-"`
+}
+
+// Validate validates configuration
+func (c *SaasConf) Validate() (errs []error) {
+	if c.GroupID == 0 {
+		errs = append(errs, xerrors.New("GroupID must not be empty"))
+	}
+
+	if len(c.Token) == 0 {
+		errs = append(errs, xerrors.New("Token must not be empty"))
+	}
+
+	if len(c.URL) == 0 {
+		errs = append(errs, xerrors.New("URL must not be empty"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}
--- a/config/scanmode.go
+++ b/config/scanmode.go
@@ -0,0 +1,110 @@
+package config
+
+import (
+	"strings"
+
+	"golang.org/x/xerrors"
+)
+
+// ScanMode has a type of scan mode. fast, fast-root, deep and offline
+type ScanMode struct {
+	flag byte
+}
+
+const (
+	// Fast is fast scan mode
+	Fast = byte(1 << iota)
+	// FastRoot is scanmode
+	FastRoot
+	// Deep is scanmode
+	Deep
+	// Offline is scanmode
+	Offline
+
+	fastStr     = "fast"
+	fastRootStr = "fast-root"
+	deepStr     = "deep"
+	offlineStr  = "offline"
+)
+
+// Set mode
+func (s *ScanMode) Set(f byte) {
+	s.flag |= f
+}
+
+// IsFast return whether scan mode is fast
+func (s ScanMode) IsFast() bool {
+	return s.flag&Fast == Fast
+}
+
+// IsFastRoot return whether scan mode is fastroot
+func (s ScanMode) IsFastRoot() bool {
+	return s.flag&FastRoot == FastRoot
+}
+
+// IsDeep return whether scan mode is deep
+func (s ScanMode) IsDeep() bool {
+	return s.flag&Deep == Deep
+}
+
+// IsOffline return whether scan mode is offline
+func (s ScanMode) IsOffline() bool {
+	return s.flag&Offline == Offline
+}
+
+func (s *ScanMode) ensure() error {
+	numTrue := 0
+	for _, b := range []bool{s.IsFast(), s.IsFastRoot(), s.IsDeep()} {
+		if b {
+			numTrue++
+		}
+	}
+	if numTrue == 0 {
+		s.Set(Fast)
+	} else if s.IsDeep() && s.IsOffline() {
+		return xerrors.New("Don't specify both of deep and offline")
+	} else if numTrue != 1 {
+		return xerrors.New("Specify only one of offline, fast, fast-root or deep")
+	}
+	return nil
+}
+
+func (s ScanMode) String() string {
+	ss := ""
+	if s.IsFast() {
+		ss = fastStr
+	} else if s.IsFastRoot() {
+		ss = fastRootStr
+	} else if s.IsDeep() {
+		ss = deepStr
+	}
+	if s.IsOffline() {
+		ss += " " + offlineStr
+	}
+	return ss + " mode"
+}
+
+func setScanMode(server *ServerInfo, d ServerInfo) error {
+	if len(server.ScanMode) == 0 {
+		server.ScanMode = Conf.Default.ScanMode
+	}
+	for _, m := range server.ScanMode {
+		switch strings.ToLower(m) {
+		case fastStr:
+			server.Mode.Set(Fast)
+		case fastRootStr:
+			server.Mode.Set(FastRoot)
+		case deepStr:
+			server.Mode.Set(Deep)
+		case offlineStr:
+			server.Mode.Set(Offline)
+		default:
+			return xerrors.Errorf("scanMode: %s of %s is invalid. Specify -fast, -fast-root, -deep or offline",
+				m, server.ServerName)
+		}
+	}
+	if err := server.Mode.ensure(); err != nil {
+		return xerrors.Errorf("%s in %s", err, server.ServerName)
+	}
+	return nil
+}
--- a/config/scanmodule.go
+++ b/config/scanmodule.go
@@ -0,0 +1,97 @@
+package config
+
+import (
+	"strings"
+
+	"golang.org/x/xerrors"
+)
+
+// ScanModule has a type of scan module
+type ScanModule struct {
+	flag byte
+}
+
+const (
+	// OSPkg is scanmodule
+	OSPkg = byte(1 << iota)
+	// WordPress is scanmodule
+	WordPress
+	// Lockfile is scanmodule
+	Lockfile
+	// Port is scanmodule
+	Port
+
+	osPkgStr     = "ospkg"
+	wordPressStr = "wordpress"
+	lockfileStr  = "lockfile"
+	portStr      = "port"
+)
+
+var allModules = []string{osPkgStr, wordPressStr, lockfileStr, portStr}
+
+// Set module
+func (s *ScanModule) Set(f byte) {
+	s.flag |= f
+}
+
+// IsScanOSPkg return whether scanning os pkg
+func (s ScanModule) IsScanOSPkg() bool {
+	return s.flag&OSPkg == OSPkg
+}
+
+// IsScanWordPress return whether scanning wordpress
+func (s ScanModule) IsScanWordPress() bool {
+	return s.flag&WordPress == WordPress
+}
+
+// IsScanLockFile whether scanning lock file
+func (s ScanModule) IsScanLockFile() bool {
+	return s.flag&Lockfile == Lockfile
+}
+
+// IsScanPort whether scanning listening ports
+func (s ScanModule) IsScanPort() bool {
+	return s.flag&Port == Port
+}
+
+// IsZero return the struct value are all false
+func (s ScanModule) IsZero() bool {
+	return !(s.IsScanOSPkg() || s.IsScanWordPress() || s.IsScanLockFile() || s.IsScanPort())
+}
+
+func (s *ScanModule) ensure() error {
+	if s.IsZero() {
+		s.Set(OSPkg)
+		s.Set(WordPress)
+		s.Set(Lockfile)
+		s.Set(Port)
+	} else if !s.IsScanOSPkg() && s.IsScanPort() {
+		return xerrors.New("When specifying the Port, Specify OSPkg as well")
+	}
+	return nil
+}
+
+func setScanModules(server *ServerInfo, d ServerInfo) error {
+	if len(server.ScanModules) == 0 {
+		server.ScanModules = d.ScanModules
+	}
+	for _, m := range server.ScanModules {
+		switch strings.ToLower(m) {
+		case osPkgStr:
+			server.Module.Set(OSPkg)
+		case wordPressStr:
+			server.Module.Set(WordPress)
+		case lockfileStr:
+			server.Module.Set(Lockfile)
+		case portStr:
+			server.Module.Set(Port)
+		default:
+			return xerrors.Errorf("scanMode: %s of %s is invalid. Specify %s",
+				m, server.ServerName, allModules)
+		}
+	}
+	if err := server.Module.ensure(); err != nil {
+		return xerrors.Errorf("%s in %s", err, server.ServerName)
+	}
+	return nil
+}
--- a/config/scanmodule_test.go
+++ b/config/scanmodule_test.go
@@ -0,0 +1,65 @@
+package config
+
+import (
+	"testing"
+)
+
+func TestScanModule_IsZero(t *testing.T) {
+	tests := []struct {
+		name  string
+		modes []byte
+		want  bool
+	}{
+		{
+			name:  "not zero",
+			modes: []byte{OSPkg},
+			want:  false,
+		},
+		{
+			name:  "zero",
+			modes: []byte{},
+			want:  true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			s := ScanModule{}
+			for _, b := range tt.modes {
+				s.Set(b)
+			}
+			if got := s.IsZero(); got != tt.want {
+				t.Errorf("ScanModule.IsZero() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestScanModule_validate(t *testing.T) {
+	tests := []struct {
+		name    string
+		modes   []byte
+		wantErr bool
+	}{
+		{
+			name:    "valid",
+			modes:   []byte{},
+			wantErr: false,
+		},
+		{
+			name:    "err",
+			modes:   []byte{WordPress, Lockfile, Port},
+			wantErr: true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			s := ScanModule{}
+			for _, b := range tt.modes {
+				s.Set(b)
+			}
+			if err := s.ensure(); (err != nil) != tt.wantErr {
+				t.Errorf("ScanModule.validate() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
--- a/config/slackconf.go
+++ b/config/slackconf.go
@@ -0,0 +1,51 @@
+package config
+
+import (
+	"strings"
+
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// SlackConf is slack config
+type SlackConf struct {
+	HookURL     string   `valid:"url" json:"-" toml:"hookURL,omitempty"`
+	LegacyToken string   `json:"-" toml:"legacyToken,omitempty"`
+	Channel     string   `json:"-" toml:"channel,omitempty"`
+	IconEmoji   string   `json:"-" toml:"iconEmoji,omitempty"`
+	AuthUser    string   `json:"-" toml:"authUser,omitempty"`
+	NotifyUsers []string `toml:"notifyUsers,omitempty" json:"-"`
+	Text        string   `json:"-"`
+}
+
+// Validate validates configuration
+func (c *SlackConf) Validate() (errs []error) {
+	if !Conf.ToSlack {
+		return
+	}
+
+	if len(c.HookURL) == 0 && len(c.LegacyToken) == 0 {
+		errs = append(errs, xerrors.New("slack.hookURL or slack.LegacyToken must not be empty"))
+	}
+
+	if len(c.Channel) == 0 {
+		errs = append(errs, xerrors.New("slack.channel must not be empty"))
+	} else {
+		if !(strings.HasPrefix(c.Channel, "#") ||
+			c.Channel == "${servername}") {
+			errs = append(errs, xerrors.Errorf(
+				"channel's prefix must be '#', channel: %s", c.Channel))
+		}
+	}
+
+	if len(c.AuthUser) == 0 {
+		errs = append(errs, xerrors.New("slack.authUser must not be empty"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+
+	return
+}
--- a/config/smtpconf.go
+++ b/config/smtpconf.go
@@ -0,0 +1,65 @@
+package config
+
+import (
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// SMTPConf is smtp config
+type SMTPConf struct {
+	SMTPAddr      string   `toml:"smtpAddr,omitempty" json:"-"`
+	SMTPPort      string   `toml:"smtpPort,omitempty" valid:"port" json:"-"`
+	User          string   `toml:"user,omitempty" json:"-"`
+	Password      string   `toml:"password,omitempty" json:"-"`
+	From          string   `toml:"from,omitempty" json:"-"`
+	To            []string `toml:"to,omitempty" json:"-"`
+	Cc            []string `toml:"cc,omitempty" json:"-"`
+	SubjectPrefix string   `toml:"subjectPrefix,omitempty" json:"-"`
+}
+
+func checkEmails(emails []string) (errs []error) {
+	for _, addr := range emails {
+		if len(addr) == 0 {
+			return
+		}
+		if ok := govalidator.IsEmail(addr); !ok {
+			errs = append(errs, xerrors.Errorf("Invalid email address. email: %s", addr))
+		}
+	}
+	return
+}
+
+// Validate SMTP configuration
+func (c *SMTPConf) Validate() (errs []error) {
+	if !Conf.ToEmail {
+		return
+	}
+	// Check Emails fromat
+	emails := []string{}
+	emails = append(emails, c.From)
+	emails = append(emails, c.To...)
+	emails = append(emails, c.Cc...)
+
+	if emailErrs := checkEmails(emails); 0 < len(emailErrs) {
+		errs = append(errs, emailErrs...)
+	}
+
+	if len(c.SMTPAddr) == 0 {
+		errs = append(errs, xerrors.New("email.smtpAddr must not be empty"))
+	}
+	if len(c.SMTPPort) == 0 {
+		errs = append(errs, xerrors.New("email.smtpPort must not be empty"))
+	}
+	if len(c.To) == 0 {
+		errs = append(errs, xerrors.New("email.To required at least one address"))
+	}
+	if len(c.From) == 0 {
+		errs = append(errs, xerrors.New("email.From required at least one address"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}
--- a/config/syslogconf.go
+++ b/config/syslogconf.go
@@ -0,0 +1,129 @@
+package config
+
+import (
+	"errors"
+	"log/syslog"
+
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// SyslogConf is syslog config
+type SyslogConf struct {
+	Protocol string `json:"-"`
+	Host     string `valid:"host" json:"-"`
+	Port     string `valid:"port" json:"-"`
+	Severity string `json:"-"`
+	Facility string `json:"-"`
+	Tag      string `json:"-"`
+	Verbose  bool   `json:"-"`
+}
+
+// Validate validates configuration
+func (c *SyslogConf) Validate() (errs []error) {
+	if !Conf.ToSyslog {
+		return nil
+	}
+	//  If protocol is empty, it will connect to the local syslog server.
+	if len(c.Protocol) > 0 && c.Protocol != "tcp" && c.Protocol != "udp" {
+		errs = append(errs, errors.New(`syslog.protocol must be "tcp" or "udp"`))
+	}
+
+	// Default port: 514
+	if c.Port == "" {
+		c.Port = "514"
+	}
+
+	if _, err := c.GetSeverity(); err != nil {
+		errs = append(errs, err)
+	}
+
+	if _, err := c.GetFacility(); err != nil {
+		errs = append(errs, err)
+	}
+
+	if _, err := govalidator.ValidateStruct(c); err != nil {
+		errs = append(errs, err)
+	}
+	return errs
+}
+
+// GetSeverity gets severity
+func (c *SyslogConf) GetSeverity() (syslog.Priority, error) {
+	if c.Severity == "" {
+		return syslog.LOG_INFO, nil
+	}
+
+	switch c.Severity {
+	case "emerg":
+		return syslog.LOG_EMERG, nil
+	case "alert":
+		return syslog.LOG_ALERT, nil
+	case "crit":
+		return syslog.LOG_CRIT, nil
+	case "err":
+		return syslog.LOG_ERR, nil
+	case "warning":
+		return syslog.LOG_WARNING, nil
+	case "notice":
+		return syslog.LOG_NOTICE, nil
+	case "info":
+		return syslog.LOG_INFO, nil
+	case "debug":
+		return syslog.LOG_DEBUG, nil
+	default:
+		return -1, xerrors.Errorf("Invalid severity: %s", c.Severity)
+	}
+}
+
+// GetFacility gets facility
+func (c *SyslogConf) GetFacility() (syslog.Priority, error) {
+	if c.Facility == "" {
+		return syslog.LOG_AUTH, nil
+	}
+
+	switch c.Facility {
+	case "kern":
+		return syslog.LOG_KERN, nil
+	case "user":
+		return syslog.LOG_USER, nil
+	case "mail":
+		return syslog.LOG_MAIL, nil
+	case "daemon":
+		return syslog.LOG_DAEMON, nil
+	case "auth":
+		return syslog.LOG_AUTH, nil
+	case "syslog":
+		return syslog.LOG_SYSLOG, nil
+	case "lpr":
+		return syslog.LOG_LPR, nil
+	case "news":
+		return syslog.LOG_NEWS, nil
+	case "uucp":
+		return syslog.LOG_UUCP, nil
+	case "cron":
+		return syslog.LOG_CRON, nil
+	case "authpriv":
+		return syslog.LOG_AUTHPRIV, nil
+	case "ftp":
+		return syslog.LOG_FTP, nil
+	case "local0":
+		return syslog.LOG_LOCAL0, nil
+	case "local1":
+		return syslog.LOG_LOCAL1, nil
+	case "local2":
+		return syslog.LOG_LOCAL2, nil
+	case "local3":
+		return syslog.LOG_LOCAL3, nil
+	case "local4":
+		return syslog.LOG_LOCAL4, nil
+	case "local5":
+		return syslog.LOG_LOCAL5, nil
+	case "local6":
+		return syslog.LOG_LOCAL6, nil
+	case "local7":
+		return syslog.LOG_LOCAL7, nil
+	default:
+		return -1, xerrors.Errorf("Invalid facility: %s", c.Facility)
+	}
+}
--- a/config/telegramconf.go
+++ b/config/telegramconf.go
@@ -0,0 +1,32 @@
+package config
+
+import (
+	"github.com/asaskevich/govalidator"
+	"golang.org/x/xerrors"
+)
+
+// TelegramConf is Telegram config
+type TelegramConf struct {
+	Token  string `json:"-"`
+	ChatID string `json:"-"`
+}
+
+// Validate validates configuration
+func (c *TelegramConf) Validate() (errs []error) {
+	if !Conf.ToTelegram {
+		return
+	}
+	if len(c.ChatID) == 0 {
+		errs = append(errs, xerrors.New("TelegramConf.ChatID must not be empty"))
+	}
+
+	if len(c.Token) == 0 {
+		errs = append(errs, xerrors.New("TelegramConf.Token must not be empty"))
+	}
+
+	_, err := govalidator.ValidateStruct(c)
+	if err != nil {
+		errs = append(errs, err)
+	}
+	return
+}
--- a/config/tomlloader.go
+++ b/config/tomlloader.go
@@ -15,254 +15,212 @@ type TOMLLoader struct {

 // Load load the configuration TOML file specified by path arg.
 func (c TOMLLoader) Load(pathToToml, keyPass string) error {
-	var conf Config
-	if _, err := toml.DecodeFile(pathToToml, &conf); err != nil {
+	if _, err := toml.DecodeFile(pathToToml, &Conf); err != nil {
 		return err
 	}
-	Conf.EMail = conf.EMail
-	Conf.Slack = conf.Slack
-	Conf.Stride = conf.Stride
-	Conf.HipChat = conf.HipChat
-	Conf.ChatWork = conf.ChatWork
-	Conf.Telegram = conf.Telegram
-	Conf.Saas = conf.Saas
-	Conf.Syslog = conf.Syslog
-	Conf.HTTP = conf.HTTP
-	Conf.AWS = conf.AWS
-	Conf.Azure = conf.Azure
-
-	Conf.CveDict = conf.CveDict
-	Conf.OvalDict = conf.OvalDict
-	Conf.Gost = conf.Gost
-	Conf.Exploit = conf.Exploit
-
-	d := conf.Default
-	Conf.Default = d
-	servers := make(map[string]ServerInfo)
-
 	if keyPass != "" {
-		d.KeyPassword = keyPass
+		Conf.Default.KeyPassword = keyPass
 	}

-	i := 0
-	for serverName, v := range conf.Servers {
-		if 0 < len(v.KeyPassword) {
-			return xerrors.Errorf("[Deprecated] KEYPASSWORD IN CONFIG FILE ARE UNSECURE. REMOVE THEM IMMEDIATELY FOR A SECURITY REASONS. THEY WILL BE REMOVED IN A FUTURE RELEASE: %s", serverName)
+	Conf.CveDict.Init()
+	Conf.OvalDict.Init()
+	Conf.Gost.Init()
+	Conf.Exploit.Init()
+	Conf.Metasploit.Init()
+
+	index := 0
+	for name, server := range Conf.Servers {
+		server.ServerName = name
+		if 0 < len(server.KeyPassword) {
+			return xerrors.Errorf("[Deprecated] KEYPASSWORD IN CONFIG FILE ARE UNSECURE. REMOVE THEM IMMEDIATELY FOR A SECURITY REASONS. THEY WILL BE REMOVED IN A FUTURE RELEASE: %s", name)
 		}

-		s := ServerInfo{ServerName: serverName}
-		if v.Type != ServerTypePseudo {
-			s.Host = v.Host
-			if len(s.Host) == 0 {
-				return xerrors.Errorf("%s is invalid. host is empty", serverName)
-			}
-
-			switch {
-			case v.Port != "":
-				s.Port = v.Port
-			case d.Port != "":
-				s.Port = d.Port
-			default:
-				s.Port = "22"
-			}
-
-			switch {
-			case v.User != "":
-				s.User = v.User
-			case d.User != "":
-				s.User = d.User
-			default:
-				if s.Port != "local" {
-					return xerrors.Errorf("%s is invalid. User is empty", serverName)
-				}
-			}
-
-			s.KeyPath = v.KeyPath
-			if len(s.KeyPath) == 0 {
-				s.KeyPath = d.KeyPath
-			}
-			s.KeyPassword = v.KeyPassword
-			if len(s.KeyPassword) == 0 {
-				s.KeyPassword = d.KeyPassword
-			}
+		if err := setDefaultIfEmpty(&server, Conf.Default); err != nil {
+			return xerrors.Errorf("Failed to set default value to config. server: %s, err: %w", name, err)
 		}

-		s.ScanMode = v.ScanMode
-		if len(s.ScanMode) == 0 {
-			s.ScanMode = d.ScanMode
-			if len(s.ScanMode) == 0 {
-				s.ScanMode = []string{"fast"}
-			}
-		}
-		for _, m := range s.ScanMode {
-			switch m {
-			case "fast":
-				s.Mode.Set(Fast)
-			case "fast-root":
-				s.Mode.Set(FastRoot)
-			case "deep":
-				s.Mode.Set(Deep)
-			case "offline":
-				s.Mode.Set(Offline)
-			default:
-				return xerrors.Errorf("scanMode: %s of %s is invalie. Specify -fast, -fast-root, -deep or offline", m, serverName)
-			}
-		}
-		if err := s.Mode.validate(); err != nil {
-			return xerrors.Errorf("%s in %s", err, serverName)
+		if err := setScanMode(&server, Conf.Default); err != nil {
+			return xerrors.Errorf("Failed to set ScanMode: %w", err)
 		}

-		s.CpeNames = v.CpeNames
-		if len(s.CpeNames) == 0 {
-			s.CpeNames = d.CpeNames
+		if err := setScanModules(&server, Conf.Default); err != nil {
+			return xerrors.Errorf("Failed to set ScanModule: %w", err)
 		}

-		s.Lockfiles = v.Lockfiles
-		if len(s.Lockfiles) == 0 {
-			s.Lockfiles = d.Lockfiles
+		if len(server.CpeNames) == 0 {
+			server.CpeNames = Conf.Default.CpeNames
 		}
-
-		s.FindLock = v.FindLock
-
-		for i, n := range s.CpeNames {
+		for i, n := range server.CpeNames {
 			uri, err := toCpeURI(n)
 			if err != nil {
-				return xerrors.Errorf("Failed to parse CPENames %s in %s, err: %w", n, serverName, err)
+				return xerrors.Errorf("Failed to parse CPENames %s in %s, err: %w", n, name, err)
 			}
-			s.CpeNames[i] = uri
+			server.CpeNames[i] = uri
 		}

-		s.ContainersIncluded = v.ContainersIncluded
-		if len(s.ContainersIncluded) == 0 {
-			s.ContainersIncluded = d.ContainersIncluded
-		}
-
-		s.ContainersExcluded = v.ContainersExcluded
-		if len(s.ContainersExcluded) == 0 {
-			s.ContainersExcluded = d.ContainersExcluded
-		}
-
-		s.ContainerType = v.ContainerType
-		if len(s.ContainerType) == 0 {
-			s.ContainerType = d.ContainerType
-		}
-
-		s.Containers = v.Containers
-		for contName, cont := range s.Containers {
-			cont.IgnoreCves = append(cont.IgnoreCves, d.IgnoreCves...)
-			s.Containers[contName] = cont
-		}
-
-		if len(v.DependencyCheckXMLPath) != 0 || len(d.DependencyCheckXMLPath) != 0 {
-			return xerrors.Errorf("[DEPRECATED] dependencyCheckXMLPath IS DEPRECATED. USE owaspDCXMLPath INSTEAD: %s", serverName)
-		}
-
-		s.OwaspDCXMLPath = v.OwaspDCXMLPath
-		if len(s.OwaspDCXMLPath) == 0 {
-			s.OwaspDCXMLPath = d.OwaspDCXMLPath
-		}
-
-		s.Memo = v.Memo
-		if s.Memo == "" {
-			s.Memo = d.Memo
-		}
-
-		s.IgnoreCves = v.IgnoreCves
-		for _, cve := range d.IgnoreCves {
+		for _, cve := range Conf.Default.IgnoreCves {
 			found := false
-			for _, c := range s.IgnoreCves {
+			for _, c := range server.IgnoreCves {
 				if cve == c {
 					found = true
 					break
 				}
 			}
 			if !found {
-				s.IgnoreCves = append(s.IgnoreCves, cve)
+				server.IgnoreCves = append(server.IgnoreCves, cve)
 			}
 		}

-		s.IgnorePkgsRegexp = v.IgnorePkgsRegexp
-		for _, pkg := range d.IgnorePkgsRegexp {
+		for _, pkg := range Conf.Default.IgnorePkgsRegexp {
 			found := false
-			for _, p := range s.IgnorePkgsRegexp {
+			for _, p := range server.IgnorePkgsRegexp {
 				if pkg == p {
 					found = true
 					break
 				}
 			}
 			if !found {
-				s.IgnorePkgsRegexp = append(s.IgnorePkgsRegexp, pkg)
+				server.IgnorePkgsRegexp = append(server.IgnorePkgsRegexp, pkg)
 			}
 		}
-		for _, reg := range s.IgnorePkgsRegexp {
+		for _, reg := range server.IgnorePkgsRegexp {
 			_, err := regexp.Compile(reg)
 			if err != nil {
-				return xerrors.Errorf("Faild to parse %s in %s. err: %w", reg, serverName, err)
+				return xerrors.Errorf("Failed to parse %s in %s. err: %w", reg, name, err)
 			}
 		}
-		for contName, cont := range s.Containers {
+		for contName, cont := range server.Containers {
 			for _, reg := range cont.IgnorePkgsRegexp {
 				_, err := regexp.Compile(reg)
 				if err != nil {
-					return xerrors.Errorf("Faild to parse %s in %s@%s. err: %w",
-						reg, contName, serverName, err)
+					return xerrors.Errorf("Failed to parse %s in %s@%s. err: %w",
+						reg, contName, name, err)
 				}
 			}
 		}

-		opt := map[string]interface{}{}
-		for k, v := range d.Optional {
-			opt[k] = v
+		for ownerRepo, githubSetting := range server.GitHubRepos {
+			if ss := strings.Split(ownerRepo, "/"); len(ss) != 2 {
+				return xerrors.Errorf("Failed to parse GitHub owner/repo: %s in %s",
+					ownerRepo, name)
+			}
+			if githubSetting.Token == "" {
+				return xerrors.Errorf("GitHub owner/repo: %s in %s token is empty",
+					ownerRepo, name)
+			}
 		}
-		for k, v := range v.Optional {
-			opt[k] = v
-		}
-		s.Optional = opt

-		s.Enablerepo = v.Enablerepo
-		if len(s.Enablerepo) == 0 {
-			s.Enablerepo = d.Enablerepo
+		if len(server.Enablerepo) == 0 {
+			server.Enablerepo = Conf.Default.Enablerepo
 		}
-		if len(s.Enablerepo) != 0 {
-			for _, repo := range s.Enablerepo {
+		if len(server.Enablerepo) != 0 {
+			for _, repo := range server.Enablerepo {
 				switch repo {
 				case "base", "updates":
 					// nop
 				default:
 					return xerrors.Errorf(
-						"For now, enablerepo have to be base or updates: %s, servername: %s",
-						s.Enablerepo, serverName)
+						"For now, enablerepo have to be base or updates: %s",
+						server.Enablerepo)
 				}
 			}
 		}

-		s.GitHubRepos = v.GitHubRepos
-		for ownerRepo, githubSetting := range s.GitHubRepos {
-			if ss := strings.Split(ownerRepo, "/"); len(ss) != 2 {
-				return xerrors.Errorf("Failed to parse GitHub owner/repo: %s in %s",
-					ownerRepo, serverName)
-			}
-			if githubSetting.Token == "" {
-				return xerrors.Errorf("GitHub owner/repo: %s in %s token is empty",
-					ownerRepo, serverName)
+		server.LogMsgAnsiColor = Colors[index%len(Colors)]
+		index++
+
+		Conf.Servers[name] = server
+	}
+	return nil
+}
+
+func setDefaultIfEmpty(server *ServerInfo, d ServerInfo) error {
+	if server.Type != ServerTypePseudo {
+		if len(server.Host) == 0 {
+			return xerrors.Errorf("server.host is empty")
+		}
+
+		if len(server.JumpServer) == 0 {
+			server.JumpServer = Conf.Default.JumpServer
+		}
+
+		if server.Port == "" {
+			if Conf.Default.Port != "" {
+				server.Port = Conf.Default.Port
+			} else {
+				server.Port = "22"
 			}
 		}

-		s.UUIDs = v.UUIDs
-		s.Type = v.Type
+		if server.User == "" {
+			server.User = Conf.Default.User
+			if server.User == "" && server.Port != "local" {
+				return xerrors.Errorf("server.user is empty")
+			}
+		}

-		s.WordPress.WPVulnDBToken = v.WordPress.WPVulnDBToken
-		s.WordPress.CmdPath = v.WordPress.CmdPath
-		s.WordPress.DocRoot = v.WordPress.DocRoot
-		s.WordPress.OSUser = v.WordPress.OSUser
-		s.WordPress.IgnoreInactive = v.WordPress.IgnoreInactive
+		if server.SSHConfigPath == "" {
+			server.SSHConfigPath = Conf.Default.SSHConfigPath
+		}

-		s.LogMsgAnsiColor = Colors[i%len(Colors)]
-		i++
+		if server.KeyPath == "" {
+			server.KeyPath = Conf.Default.KeyPath
+		}

-		servers[serverName] = s
+		if server.KeyPassword == "" {
+			server.KeyPassword = Conf.Default.KeyPassword
+		}
 	}
-	Conf.Servers = servers
+
+	if len(server.Lockfiles) == 0 {
+		server.Lockfiles = Conf.Default.Lockfiles
+	}
+
+	if len(server.ContainersIncluded) == 0 {
+		server.ContainersIncluded = Conf.Default.ContainersIncluded
+	}
+
+	if len(server.ContainersExcluded) == 0 {
+		server.ContainersExcluded = Conf.Default.ContainersExcluded
+	}
+
+	if server.ContainerType == "" {
+		server.ContainerType = Conf.Default.ContainerType
+	}
+
+	for contName, cont := range server.Containers {
+		cont.IgnoreCves = append(cont.IgnoreCves, Conf.Default.IgnoreCves...)
+		server.Containers[contName] = cont
+	}
+
+	if server.OwaspDCXMLPath == "" {
+		server.OwaspDCXMLPath = Conf.Default.OwaspDCXMLPath
+	}
+
+	if server.Memo == "" {
+		server.Memo = Conf.Default.Memo
+	}
+
+	if server.WordPress == nil {
+		server.WordPress = Conf.Default.WordPress
+		if server.WordPress == nil {
+			server.WordPress = &WordPressConf{}
+		}
+	}
+
+	if len(server.IgnoredJSONKeys) == 0 {
+		server.IgnoredJSONKeys = Conf.Default.IgnoredJSONKeys
+	}
+
+	opt := map[string]interface{}{}
+	for k, v := range Conf.Default.Optional {
+		opt[k] = v
+	}
+	for k, v := range server.Optional {
+		opt[k] = v
+	}
+	server.Optional = opt
+
 	return nil
 }

@@ -280,5 +238,5 @@ func toCpeURI(cpename string) (string, error) {
 		}
 		return naming.BindToURI(wfn), nil
 	}
-	return "", xerrors.Errorf("Unknow CPE format: %s", cpename)
+	return "", xerrors.Errorf("Unknown CPE format: %s", cpename)
 }
--- a/contrib/future-vuls/README.md
+++ b/contrib/future-vuls/README.md
@@ -0,0 +1,38 @@
+# future-vuls
+
+## Main Features
+
+- upload vuls results json to future-vuls
+
+## Installation
+
+```
+git clone https://github.com/future-architect/vuls.git
+make build-future-vuls
+```
+
+## Command Reference
+
+```
+Upload to FutureVuls
+
+Usage:
+  future-vuls upload [flags]
+
+Flags:
+      --config string   config file (default is $HOME/.cobra.yaml)
+  -g, --group-id int    future vuls group id, ENV: VULS_GROUP_ID
+  -h, --help            help for upload
+  -s, --stdin           input from stdin. ENV: VULS_STDIN
+  -t, --token string    future vuls token
+      --url string      future vuls upload url
+      --uuid string     server uuid. ENV: VULS_SERVER_UUID
+```
+
+## Usage
+
+- update results json
+
+```
+ cat results.json | future-vuls upload --stdin --token xxxx --url https://xxxx --group-id 1 --uuid xxxx
+```
--- a/contrib/future-vuls/cmd/main.go
+++ b/contrib/future-vuls/cmd/main.go
@@ -0,0 +1,98 @@
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"os"
+	"strconv"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/saas"
+	"github.com/spf13/cobra"
+)
+
+var (
+	configFile string
+	stdIn      bool
+	jsonDir    string
+	serverUUID string
+	groupID    int64
+	token      string
+	url        string
+)
+
+func main() {
+	var err error
+	var cmdFvulsUploader = &cobra.Command{
+		Use:   "upload",
+		Short: "Upload to FutureVuls",
+		Long:  `Upload to FutureVuls`,
+		Run: func(cmd *cobra.Command, args []string) {
+			if len(serverUUID) == 0 {
+				serverUUID = os.Getenv("VULS_SERVER_UUID")
+			}
+			if groupID == 0 {
+				envGroupID := os.Getenv("VULS_GROUP_ID")
+				if groupID, err = strconv.ParseInt(envGroupID, 10, 64); err != nil {
+					fmt.Printf("Invalid GroupID: %s\n", envGroupID)
+					return
+				}
+			}
+			if len(url) == 0 {
+				url = os.Getenv("VULS_URL")
+			}
+			if len(token) == 0 {
+				token = os.Getenv("VULS_TOKEN")
+			}
+
+			var scanResultJSON []byte
+			if stdIn {
+				reader := bufio.NewReader(os.Stdin)
+				buf := new(bytes.Buffer)
+				if _, err = buf.ReadFrom(reader); err != nil {
+					return
+				}
+				scanResultJSON = buf.Bytes()
+			} else {
+				fmt.Println("use --stdin option")
+				os.Exit(1)
+				return
+			}
+
+			var scanResult models.ScanResult
+			if err = json.Unmarshal(scanResultJSON, &scanResult); err != nil {
+				fmt.Println("Failed to parse json", err)
+				os.Exit(1)
+				return
+			}
+			scanResult.ServerUUID = serverUUID
+
+			config.Conf.Saas.GroupID = groupID
+			config.Conf.Saas.Token = token
+			config.Conf.Saas.URL = url
+			if err = (saas.Writer{}).Write(scanResult); err != nil {
+				fmt.Println(err)
+				os.Exit(1)
+				return
+			}
+			return
+		},
+	}
+	cmdFvulsUploader.PersistentFlags().StringVar(&serverUUID, "uuid", "", "server uuid. ENV: VULS_SERVER_UUID")
+	cmdFvulsUploader.PersistentFlags().StringVar(&configFile, "config", "", "config file (default is $HOME/.cobra.yaml)")
+	cmdFvulsUploader.PersistentFlags().BoolVarP(&stdIn, "stdin", "s", false, "input from stdin. ENV: VULS_STDIN")
+	// TODO Read JSON file from directory
+	//	cmdFvulsUploader.Flags().StringVarP(&jsonDir, "results-dir", "d", "./", "vuls scan results json dir")
+	cmdFvulsUploader.PersistentFlags().Int64VarP(&groupID, "group-id", "g", 0, "future vuls group id, ENV: VULS_GROUP_ID")
+	cmdFvulsUploader.PersistentFlags().StringVarP(&token, "token", "t", "", "future vuls token")
+	cmdFvulsUploader.PersistentFlags().StringVar(&url, "url", "", "future vuls upload url")
+
+	var rootCmd = &cobra.Command{Use: "future-vuls"}
+	rootCmd.AddCommand(cmdFvulsUploader)
+	if err = rootCmd.Execute(); err != nil {
+		fmt.Println("Failed to execute command", err)
+	}
+}
--- a/contrib/trivy/README.md
+++ b/contrib/trivy/README.md
@@ -0,0 +1,35 @@
+# trivy-to-vuls
+
+## Main Features
+
+- convert trivy's results json to vuls's report json
+
+## Installation
+
+```
+git clone https://github.com/future-architect/vuls.git
+make build-trivy-to-vuls
+```
+
+## Command Reference
+
+```
+Parse trivy json to vuls results
+
+Usage:
+  trivy-to-vuls parse [flags]
+
+Flags:
+  -h, --help                          help for parse
+  -s, --stdin                         input from stdin
+  -d, --trivy-json-dir string         trivy json dir (default "./")
+  -f, --trivy-json-file-name string   trivy json file name (default "results.json")
+```
+
+## Usage
+
+- use trivy output
+
+```
+ trivy -q image -f=json python:3.4-alpine | trivy-to-vuls parse --stdin
+```
--- a/contrib/trivy/cmd/main.go
+++ b/contrib/trivy/cmd/main.go
@@ -0,0 +1,78 @@
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	"github.com/future-architect/vuls/contrib/trivy/parser"
+	"github.com/future-architect/vuls/models"
+	"github.com/spf13/cobra"
+)
+
+var (
+	serverUUID   string
+	stdIn        bool
+	jsonDir      string
+	jsonFileName string
+)
+
+func main() {
+	var err error
+	var cmdTrivyToVuls = &cobra.Command{
+		Use:   "parse",
+		Short: "Parse trivy json to vuls results",
+		Long:  `Parse trivy json to vuls results`,
+		Run: func(cmd *cobra.Command, args []string) {
+			jsonFilePath := filepath.Join(jsonDir, jsonFileName)
+			var trivyJSON []byte
+			if stdIn {
+				reader := bufio.NewReader(os.Stdin)
+				buf := new(bytes.Buffer)
+				if _, err = buf.ReadFrom(reader); err != nil {
+					os.Exit(1)
+					return
+				}
+				trivyJSON = buf.Bytes()
+			} else {
+				if trivyJSON, err = ioutil.ReadFile(jsonFilePath); err != nil {
+					fmt.Println("Failed to read file", err)
+					os.Exit(1)
+					return
+				}
+			}
+
+			scanResult := &models.ScanResult{
+				JSONVersion: models.JSONVersion,
+				ScannedCves: models.VulnInfos{},
+			}
+			if scanResult, err = parser.Parse(trivyJSON, scanResult); err != nil {
+				fmt.Println("Failed to execute command", err)
+				os.Exit(1)
+				return
+			}
+			var resultJSON []byte
+			if resultJSON, err = json.MarshalIndent(scanResult, "", "   "); err != nil {
+				fmt.Println("Failed to create json", err)
+				os.Exit(1)
+				return
+			}
+			fmt.Println(string(resultJSON))
+			return
+		},
+	}
+	cmdTrivyToVuls.Flags().BoolVarP(&stdIn, "stdin", "s", false, "input from stdin")
+	cmdTrivyToVuls.Flags().StringVarP(&jsonDir, "trivy-json-dir", "d", "./", "trivy json dir")
+	cmdTrivyToVuls.Flags().StringVarP(&jsonFileName, "trivy-json-file-name", "f", "results.json", "trivy json file name")
+
+	var rootCmd = &cobra.Command{Use: "trivy-to-vuls"}
+	rootCmd.AddCommand(cmdTrivyToVuls)
+	if err = rootCmd.Execute(); err != nil {
+		fmt.Println("Failed to execute command", err)
+		os.Exit(1)
+	}
+}
--- a/contrib/trivy/parser/parser.go
+++ b/contrib/trivy/parser/parser.go
@@ -0,0 +1,176 @@
+package parser
+
+import (
+	"encoding/json"
+	"sort"
+	"time"
+
+	"github.com/aquasecurity/fanal/analyzer/os"
+	"github.com/aquasecurity/trivy/pkg/report"
+	"github.com/aquasecurity/trivy/pkg/types"
+	"github.com/future-architect/vuls/models"
+)
+
+// Parse :
+func Parse(vulnJSON []byte, scanResult *models.ScanResult) (result *models.ScanResult, err error) {
+	var trivyResults report.Results
+	if err = json.Unmarshal(vulnJSON, &trivyResults); err != nil {
+		return nil, err
+	}
+
+	pkgs := models.Packages{}
+	vulnInfos := models.VulnInfos{}
+	uniqueLibraryScannerPaths := map[string]models.LibraryScanner{}
+	for _, trivyResult := range trivyResults {
+		for _, vuln := range trivyResult.Vulnerabilities {
+			if _, ok := vulnInfos[vuln.VulnerabilityID]; !ok {
+				vulnInfos[vuln.VulnerabilityID] = models.VulnInfo{
+					CveID: vuln.VulnerabilityID,
+					Confidences: models.Confidences{
+						{
+							Score:           100,
+							DetectionMethod: models.TrivyMatchStr,
+						},
+					},
+					AffectedPackages: models.PackageFixStatuses{},
+					CveContents:      models.CveContents{},
+					LibraryFixedIns:  models.LibraryFixedIns{},
+					// VulnType : "",
+				}
+			}
+			vulnInfo := vulnInfos[vuln.VulnerabilityID]
+			var notFixedYet bool
+			fixState := ""
+			if len(vuln.FixedVersion) == 0 {
+				notFixedYet = true
+				fixState = "Affected"
+			}
+			var references models.References
+			for _, reference := range vuln.References {
+				references = append(references, models.Reference{
+					Source: "trivy",
+					Link:   reference,
+				})
+			}
+
+			sort.Slice(references, func(i, j int) bool {
+				return references[i].Link < references[j].Link
+			})
+
+			var published time.Time
+			if vuln.PublishedDate != nil {
+				published = *vuln.PublishedDate
+			}
+
+			var lastModified time.Time
+			if vuln.LastModifiedDate != nil {
+				lastModified = *vuln.LastModifiedDate
+			}
+
+			vulnInfo.CveContents = models.CveContents{
+				models.Trivy: models.CveContent{
+					Cvss3Severity: vuln.Severity,
+					References:    references,
+					Title:         vuln.Title,
+					Summary:       vuln.Description,
+					Published:     published,
+					LastModified:  lastModified,
+				},
+			}
+			// do only if image type is Vuln
+			if IsTrivySupportedOS(trivyResult.Type) {
+				pkgs[vuln.PkgName] = models.Package{
+					Name:    vuln.PkgName,
+					Version: vuln.InstalledVersion,
+				}
+				vulnInfo.AffectedPackages = append(vulnInfo.AffectedPackages, models.PackageFixStatus{
+					Name:        vuln.PkgName,
+					NotFixedYet: notFixedYet,
+					FixState:    fixState,
+					FixedIn:     vuln.FixedVersion,
+				})
+
+				// overwrite every time if os package
+				scanResult.Family = trivyResult.Type
+				scanResult.ServerName = trivyResult.Target
+				scanResult.Optional = map[string]interface{}{
+					"trivy-target": trivyResult.Target,
+				}
+				scanResult.ScannedAt = time.Now()
+				scanResult.ScannedBy = "trivy"
+				scanResult.ScannedVia = "trivy"
+			} else {
+				// LibraryScanの結果
+				vulnInfo.LibraryFixedIns = append(vulnInfo.LibraryFixedIns, models.LibraryFixedIn{
+					Key:     trivyResult.Type,
+					Name:    vuln.PkgName,
+					Path:    trivyResult.Target,
+					FixedIn: vuln.FixedVersion,
+				})
+				libScanner := uniqueLibraryScannerPaths[trivyResult.Target]
+				libScanner.Libs = append(libScanner.Libs, types.Library{
+					Name:    vuln.PkgName,
+					Version: vuln.InstalledVersion,
+				})
+				uniqueLibraryScannerPaths[trivyResult.Target] = libScanner
+			}
+			vulnInfos[vuln.VulnerabilityID] = vulnInfo
+		}
+	}
+	// flatten and unique libraries
+	libraryScanners := make([]models.LibraryScanner, 0, len(uniqueLibraryScannerPaths))
+	for path, v := range uniqueLibraryScannerPaths {
+		uniqueLibrary := map[string]types.Library{}
+		for _, lib := range v.Libs {
+			uniqueLibrary[lib.Name+lib.Version] = lib
+		}
+
+		var libraries []types.Library
+		for _, library := range uniqueLibrary {
+			libraries = append(libraries, library)
+		}
+
+		sort.Slice(libraries, func(i, j int) bool {
+			return libraries[i].Name < libraries[j].Name
+		})
+
+		libscanner := models.LibraryScanner{
+			Path: path,
+			Libs: libraries,
+		}
+		libraryScanners = append(libraryScanners, libscanner)
+	}
+	sort.Slice(libraryScanners, func(i, j int) bool {
+		return libraryScanners[i].Path < libraryScanners[j].Path
+	})
+	scanResult.ScannedCves = vulnInfos
+	scanResult.Packages = pkgs
+	scanResult.LibraryScanners = libraryScanners
+	return scanResult, nil
+}
+
+// IsTrivySupportedOS :
+func IsTrivySupportedOS(family string) bool {
+	supportedFamilies := []string{
+		os.RedHat,
+		os.Debian,
+		os.Ubuntu,
+		os.CentOS,
+		os.Fedora,
+		os.Amazon,
+		os.Oracle,
+		os.Windows,
+		os.OpenSUSE,
+		os.OpenSUSELeap,
+		os.OpenSUSETumbleweed,
+		os.SLES,
+		os.Photon,
+		os.Alpine,
+	}
+	for _, supportedFamily := range supportedFamilies {
+		if family == supportedFamily {
+			return true
+		}
+	}
+	return false
+}
--- a/contrib/trivy/parser/parser_test.go
+++ b/contrib/trivy/parser/parser_test.go
--- a/errof/errof.go
+++ b/errof/errof.go
@@ -16,6 +16,12 @@ func (e Error) Error() string {
 var (
 	// ErrFailedToAccessGithubAPI is error of github alert's api access
 	ErrFailedToAccessGithubAPI ErrorCode = "ErrFailedToAccessGithubAPI"
+
+	// ErrFailedToAccessWpScan is error of wpscan.com api access
+	ErrFailedToAccessWpScan ErrorCode = "ErrFailedToAccessWpScan"
+
+	// ErrWpScanAPILimitExceeded is error of wpscan.com api limit exceeded
+	ErrWpScanAPILimitExceeded ErrorCode = "ErrWpScanAPILimitExceeded"
 )

 // New :
--- a/exploit/exploit.go
+++ b/exploit/exploit.go
@@ -1,27 +1,25 @@
+// +build !scanner
+
 package exploit

 import (
 	"encoding/json"
-	"fmt"
-	"net/http"

-	cnf "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/util"
-	"github.com/mozqnet/go-exploitdb/db"
-	exploitmodels "github.com/mozqnet/go-exploitdb/models"
-	"github.com/parnurzeal/gorequest"
-	"golang.org/x/xerrors"
+	"github.com/vulsio/go-exploitdb/db"
+	exploitmodels "github.com/vulsio/go-exploitdb/models"
 )

 // FillWithExploit fills exploit information that has in Exploit
-func FillWithExploit(driver db.DB, r *models.ScanResult) (nExploitCve int, err error) {
-	if cnf.Conf.Exploit.IsFetchViaHTTP() {
+func FillWithExploit(driver db.DB, r *models.ScanResult, cnf *config.ExploitConf) (nExploitCve int, err error) {
+	if cnf.IsFetchViaHTTP() {
 		var cveIDs []string
 		for cveID := range r.ScannedCves {
 			cveIDs = append(cveIDs, cveID)
 		}
-		prefix, _ := util.URLPathJoin(cnf.Conf.Exploit.URL, "cves")
+		prefix, _ := util.URLPathJoin(cnf.URL, "cves")
 		responses, err := getCvesViaHTTP(cveIDs, prefix)
 		if err != nil {
 			return 0, err
@@ -85,33 +83,3 @@ func ConvertToModels(es []*exploitmodels.Exploit) (exploits []models.Exploit) {
 	}
 	return exploits
 }
-
-// CheckHTTPHealth do health check
-func CheckHTTPHealth() error {
-	if !cnf.Conf.Exploit.IsFetchViaHTTP() {
-		return nil
-	}
-
-	url := fmt.Sprintf("%s/health", cnf.Conf.Exploit.URL)
-	var errs []error
-	var resp *http.Response
-	resp, _, errs = gorequest.New().Get(url).End()
-	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
-	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-		return xerrors.Errorf("Failed to connect to exploit server. url: %s, errs: %w", url, errs)
-	}
-	return nil
-}
-
-// CheckIfExploitFetched checks if oval entries are in DB by family, release.
-func CheckIfExploitFetched(driver db.DB, osFamily string) (fetched bool, err error) {
-	//TODO
-	return true, nil
-}
-
-// CheckIfExploitFresh checks if oval entries are fresh enough
-func CheckIfExploitFresh(driver db.DB, osFamily string) (ok bool, err error) {
-	//TODO
-	return true, nil
-}
--- a/exploit/util.go
+++ b/exploit/util.go
@@ -85,13 +85,13 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er
 	count, retryMax := 0, 3
 	f := func() (err error) {
 		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-		resp, body, errs = gorequest.New().Get(url).End()
+		resp, body, errs = gorequest.New().Timeout(10 * time.Second).Get(url).End()
 		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
 			count++
 			if count == retryMax {
 				return nil
 			}
-			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)
+			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs)
 		}
 		return nil
 	}
--- a/github/github.go
+++ b/github/github.go
@@ -15,12 +15,14 @@ import (
 	"golang.org/x/oauth2"
 )

-// FillGitHubSecurityAlerts access to owner/repo on GitHub and fetch scurity alerts of the repository via GitHub API v4 GraphQL and then set to the given ScanResult.
+// DetectGitHubSecurityAlerts access to owner/repo on GitHub and fetch security alerts of the repository via GitHub API v4 GraphQL and then set to the given ScanResult.
 // https://help.github.com/articles/about-security-alerts-for-vulnerable-dependencies/
-func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (nCVEs int, err error) {
+//TODO move to report
+func DetectGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (nCVEs int, err error) {
 	src := oauth2.StaticTokenSource(
 		&oauth2.Token{AccessToken: token},
 	)
+	//TODO Proxy
 	httpClient := oauth2.NewClient(context.Background(), src)

 	// TODO Use `https://github.com/shurcooL/githubv4` if the tool supports vulnerabilityAlerts Endpoint
@@ -31,10 +33,12 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (

 	for {
 		jsonStr := fmt.Sprintf(jsonfmt, owner, repo, 100, after)
-		req, err := http.NewRequest("POST",
+		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+		req, err := http.NewRequestWithContext(ctx, http.MethodPost,
 			"https://api.github.com/graphql",
 			bytes.NewBuffer([]byte(jsonStr)),
 		)
+		defer cancel()
 		if err != nil {
 			return 0, err
 		}
@@ -58,17 +62,15 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
 		}

 		alerts := SecurityAlerts{}
-		if json.Unmarshal(body, &alerts); err != nil {
+		if err := json.Unmarshal(body, &alerts); err != nil {
 			return 0, err
 		}

 		// util.Log.Debugf("%s", pp.Sprint(alerts))
 		// util.Log.Debugf("%s", string(body))
 		if alerts.Data.Repository.URL == "" {
-			return 0, errof.New(
-				errof.ErrFailedToAccessGithubAPI,
-				fmt.Sprintf("Failed to access to GitHub API. Response: %s", string(body)),
-			)
+			return 0, errof.New(errof.ErrFailedToAccessGithubAPI,
+				fmt.Sprintf("Failed to access to GitHub API. Response: %s", string(body)))
 		}

 		for _, v := range alerts.Data.Repository.VulnerabilityAlerts.Edges {
@@ -102,20 +104,39 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
 				cveIDs = other
 			}

+			refs := []models.Reference{}
+			for _, r := range v.Node.SecurityAdvisory.References {
+				refs = append(refs, models.Reference{Link: r.URL})
+			}
+
 			for _, cveID := range cveIDs {
+				cveContent := models.CveContent{
+					Type:          models.GitHub,
+					CveID:         cveID,
+					Title:         v.Node.SecurityAdvisory.Summary,
+					Summary:       v.Node.SecurityAdvisory.Description,
+					Cvss2Severity: v.Node.SecurityVulnerability.Severity,
+					Cvss3Severity: v.Node.SecurityVulnerability.Severity,
+					SourceLink:    v.Node.SecurityAdvisory.Permalink,
+					References:    refs,
+					Published:     v.Node.SecurityAdvisory.PublishedAt,
+					LastModified:  v.Node.SecurityAdvisory.UpdatedAt,
+				}
+
 				if val, ok := r.ScannedCves[cveID]; ok {
 					val.GitHubSecurityAlerts = val.GitHubSecurityAlerts.Add(m)
+					val.CveContents[models.GitHub] = cveContent
 					r.ScannedCves[cveID] = val
-					nCVEs++
 				} else {
 					v := models.VulnInfo{
 						CveID:                cveID,
 						Confidences:          models.Confidences{models.GitHubMatch},
 						GitHubSecurityAlerts: models.GitHubSecurityAlerts{m},
+						CveContents:          models.NewCveContents(cveContent),
 					}
 					r.ScannedCves[cveID] = v
-					nCVEs++
 				}
+				nCVEs++
 			}
 		}
 		if !alerts.Data.Repository.VulnerabilityAlerts.PageInfo.HasNextPage {
--- a/go.mod
+++ b/go.mod
@@ -1,53 +1,50 @@
 module github.com/future-architect/vuls

-go 1.13
-
-replace (
-	gopkg.in/mattn/go-colorable.v0 => github.com/mattn/go-colorable v0.1.0
-	gopkg.in/mattn/go-isatty.v0 => github.com/mattn/go-isatty v0.0.6
-)
+go 1.15

 require (
-	github.com/Azure/azure-sdk-for-go v42.0.0+incompatible
+	github.com/Azure/azure-sdk-for-go v50.2.0+incompatible
 	github.com/BurntSushi/toml v0.3.1
-	github.com/RackSec/srslog v0.0.0-20180709174129-a4725f04ec91
-	github.com/aquasecurity/fanal v0.0.0-20200427221647-c3528846e21c
-	github.com/aquasecurity/go-dep-parser v0.0.0-20200123140603-4dc0125084da // indirect
-	github.com/aquasecurity/trivy v0.6.0
-	github.com/aquasecurity/trivy-db v0.0.0-20200427221211-19fb3b7a88b5
-	github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
-	github.com/aws/aws-sdk-go v1.30.16
+	github.com/aquasecurity/fanal v0.0.0-20210119051230-28c249da7cfd
+	github.com/aquasecurity/trivy v0.15.0
+	github.com/aquasecurity/trivy-db v0.0.0-20210121143430-2a5c54036a86
+	github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef
+	github.com/aws/aws-sdk-go v1.36.31
 	github.com/boltdb/bolt v1.3.1
 	github.com/cenkalti/backoff v2.2.1+incompatible
+	github.com/d4l3k/messagediff v1.2.2-0.20190829033028-7e0a312ae40b
+	github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21
+	github.com/emersion/go-smtp v0.14.0
 	github.com/google/subcommands v1.2.0
 	github.com/gosuri/uitable v0.0.4
 	github.com/hashicorp/go-uuid v1.0.2
-	github.com/hashicorp/go-version v1.2.0
+	github.com/hashicorp/go-version v1.2.1
 	github.com/howeyc/gopass v0.0.0-20190910152052-7cb4b85ec19c
 	github.com/jesseduffield/gocui v0.3.0
 	github.com/k0kubun/pp v3.0.1+incompatible
-	github.com/knqyf263/go-apk-version v0.0.0-20200507080916-9f84b1e3c54c
-	github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2
+	github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f
+	github.com/knqyf263/go-cpe v0.0.0-20201213041631-54f6ab28673f
 	github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d
 	github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936
-	github.com/knqyf263/go-version v1.1.1
-	github.com/knqyf263/gost v0.1.3
-	github.com/kotakanbe/go-cve-dictionary v0.4.2
+	github.com/knqyf263/gost v0.1.7
+	github.com/kotakanbe/go-cve-dictionary v0.5.7
 	github.com/kotakanbe/go-pingscanner v0.1.0
-	github.com/kotakanbe/goval-dictionary v0.2.5
+	github.com/kotakanbe/goval-dictionary v0.3.1
 	github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96
-	github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
+	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/mozqnet/go-exploitdb v0.0.0-20190911093644-f647f17ea8ca
 	github.com/nlopes/slack v0.6.0
 	github.com/nsf/termbox-go v0.0.0-20200418040025-38ba6e5628f1 // indirect
 	github.com/olekukonko/tablewriter v0.0.4
 	github.com/parnurzeal/gorequest v0.2.16
 	github.com/rifflock/lfshook v0.0.0-20180920164130-b9218ef580f5
-	github.com/sirupsen/logrus v1.5.0
-	github.com/spf13/afero v1.2.2
-	golang.org/x/crypto v0.0.0-20200427165652-729f1e841bcc
-	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
-	golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
-	k8s.io/utils v0.0.0-20191114184206-e782cd3c129f
+	github.com/sirupsen/logrus v1.7.0
+	github.com/spf13/afero v1.5.1
+	github.com/spf13/cobra v1.1.1
+	github.com/takuzoo3868/go-msfdb v0.1.3
+	github.com/vulsio/go-exploitdb v0.1.4
+	golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
+	golang.org/x/oauth2 v0.0.0-20210125201302-af13f521f196
+	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1
+	k8s.io/utils v0.0.0-20210111153108-fddb29f9d009
 )
--- a/go.sum
+++ b/go.sum
--- a/gost/base.go
+++ b/gost/base.go
@@ -1,14 +1,10 @@
+// +build !scanner
+
 package gost

 import (
-	"fmt"
-	"net/http"
-
-	cnf "github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
 	"github.com/knqyf263/gost/db"
-	"github.com/parnurzeal/gorequest"
-	"golang.org/x/xerrors"
 )

 // Base is a base struct
@@ -17,35 +13,5 @@ type Base struct {

 // FillCVEsWithRedHat fills cve information that has in Gost
 func (b Base) FillCVEsWithRedHat(driver db.DB, r *models.ScanResult) error {
-	return RedHat{}.fillFixed(driver, r)
-}
-
-// CheckHTTPHealth do health check
-func (b Base) CheckHTTPHealth() error {
-	if !cnf.Conf.Gost.IsFetchViaHTTP() {
-		return nil
-	}
-
-	url := fmt.Sprintf("%s/health", cnf.Conf.Gost.URL)
-	var errs []error
-	var resp *http.Response
-	resp, _, errs = gorequest.New().Get(url).End()
-	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
-	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-		return xerrors.Errorf("Failed to connect to gost server. url: %s, errs: %w", url, errs)
-	}
-	return nil
-}
-
-// CheckIfGostFetched checks if oval entries are in DB by family, release.
-func (b Base) CheckIfGostFetched(driver db.DB, osFamily string) (fetched bool, err error) {
-	//TODO
-	return true, nil
-}
-
-// CheckIfGostFresh checks if oval entries are fresh enough
-func (b Base) CheckIfGostFresh(driver db.DB, osFamily string) (ok bool, err error) {
-	//TODO
-	return true, nil
+	return RedHat{}.fillCvesWithRedHatAPI(driver, r)
 }
--- a/gost/debian.go
+++ b/gost/debian.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package gost

 import (
@@ -21,8 +23,23 @@ type packCves struct {
 	cves      []models.CveContent
 }

+func (deb Debian) supported(major string) bool {
+	_, ok := map[string]string{
+		"8":  "jessie",
+		"9":  "stretch",
+		"10": "buster",
+	}[major]
+	return ok
+}
+
 // DetectUnfixed fills cve information that has in Gost
 func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCVEs int, err error) {
+	if !deb.supported(major(r.Release)) {
+		// only logging
+		util.Log.Warnf("Debian %s is not supported yet", r.Release)
+		return 0, nil
+	}
+
 	linuxImage := "linux-image-" + r.RunningKernel.Release
 	// Add linux and set the version of running kernel to search OVAL.
 	if r.Container.ContainerID == "" {
@@ -37,9 +54,17 @@ func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCV
 		}
 	}

+	// Debian Security Tracker does not support Package for Raspbian, so skip it.
+	var scanResult models.ScanResult
+	if r.Family != config.Raspbian {
+		scanResult = *r
+	} else {
+		scanResult = r.RemoveRaspbianPackFromResult()
+	}
+
 	packCvesList := []packCves{}
 	if config.Conf.Gost.IsFetchViaHTTP() {
-		url, _ := util.URLPathJoin(config.Conf.Gost.URL, "debian", major(r.Release), "pkgs")
+		url, _ := util.URLPathJoin(config.Conf.Gost.URL, "debian", major(scanResult.Release), "pkgs")
 		responses, err := getAllUnfixedCvesViaHTTP(r, url)
 		if err != nil {
 			return 0, err
@@ -64,8 +89,8 @@ func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCV
 		if driver == nil {
 			return 0, nil
 		}
-		for _, pack := range r.Packages {
-			cveDebs := driver.GetUnfixedCvesDebian(major(r.Release), pack.Name)
+		for _, pack := range scanResult.Packages {
+			cveDebs := driver.GetUnfixedCvesDebian(major(scanResult.Release), pack.Name)
 			cves := []models.CveContent{}
 			for _, cveDeb := range cveDebs {
 				cves = append(cves, *deb.ConvertToModel(&cveDeb))
@@ -78,8 +103,8 @@ func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCV
 		}

 		// SrcPack
-		for _, pack := range r.SrcPackages {
-			cveDebs := driver.GetUnfixedCvesDebian(major(r.Release), pack.Name)
+		for _, pack := range scanResult.SrcPackages {
+			cveDebs := driver.GetUnfixedCvesDebian(major(scanResult.Release), pack.Name)
 			cves := []models.CveContent{}
 			for _, cveDeb := range cveDebs {
 				cves = append(cves, *deb.ConvertToModel(&cveDeb))
--- a/gost/debian_test.go
+++ b/gost/debian_test.go
@@ -0,0 +1,61 @@
+package gost
+
+import "testing"
+
+func TestDebian_Supported(t *testing.T) {
+	type fields struct {
+		Base Base
+	}
+	type args struct {
+		major string
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{
+			name: "8 is supported",
+			args: args{
+				major: "8",
+			},
+			want: true,
+		},
+		{
+			name: "9 is supported",
+			args: args{
+				major: "9",
+			},
+			want: true,
+		},
+		{
+			name: "10 is supported",
+			args: args{
+				major: "10",
+			},
+			want: true,
+		},
+		{
+			name: "11 is not supported yet",
+			args: args{
+				major: "11",
+			},
+			want: false,
+		},
+		{
+			name: "empty string is not supported yet",
+			args: args{
+				major: "",
+			},
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			deb := Debian{}
+			if got := deb.supported(tt.args.major); got != tt.want {
+				t.Errorf("Debian.Supported() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
--- a/gost/gost.go
+++ b/gost/gost.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package gost

 import (
@@ -10,12 +12,6 @@ import (
 type Client interface {
 	DetectUnfixed(db.DB, *models.ScanResult, bool) (int, error)
 	FillCVEsWithRedHat(db.DB, *models.ScanResult) error
-
-	//TODO implement
-	// CheckHTTPHealth() error
-	// CheckIfGostFetched checks if Gost entries are fetched
-	// CheckIfGostFetched(db.DB, string, string) (bool, error)
-	// CheckIfGostFresh(db.DB, string, string) (bool, error)
 }

 // NewClient make Client by family
@@ -23,7 +19,7 @@ func NewClient(family string) Client {
 	switch family {
 	case cnf.RedHat, cnf.CentOS:
 		return RedHat{}
-	case cnf.Debian:
+	case cnf.Debian, cnf.Raspbian:
 		return Debian{}
 	case cnf.Windows:
 		return Microsoft{}
--- a/gost/microsoft.go
+++ b/gost/microsoft.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package gost

 import (
@@ -18,7 +20,7 @@ func (ms Microsoft) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (n
 	if driver == nil {
 		return 0, nil
 	}
-	var cveIDs []string
+	cveIDs := []string{}
 	for cveID := range r.ScannedCves {
 		cveIDs = append(cveIDs, cveID)
 	}
@@ -26,19 +28,20 @@ func (ms Microsoft) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (n
 		if _, ok := r.ScannedCves[cveID]; !ok {
 			continue
 		}
-		cveCont := ms.ConvertToModel(&msCve)
+		cveCont, mitigations := ms.ConvertToModel(&msCve)
 		v, _ := r.ScannedCves[cveID]
 		if v.CveContents == nil {
 			v.CveContents = models.CveContents{}
 		}
 		v.CveContents[models.Microsoft] = *cveCont
+		v.Mitigations = append(v.Mitigations, mitigations...)
 		r.ScannedCves[cveID] = v
 	}
 	return len(cveIDs), nil
 }

 // ConvertToModel converts gost model to vuls model
-func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveContent {
+func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) (*models.CveContent, []models.Mitigation) {
 	v3score := 0.0
 	var v3Vector string
 	for _, scoreSet := range cve.ScoreSets {
@@ -67,12 +70,11 @@ func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveCont

 	option := map[string]string{}
 	if 0 < len(cve.ExploitStatus) {
+		// TODO: CVE-2020-0739
+		// "exploit_status": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A",
 		option["exploit"] = cve.ExploitStatus
 	}
-	if 0 < len(cve.Workaround) {
-		option["workaround"] = cve.Workaround
-	}
-	var kbids []string
+	kbids := []string{}
 	for _, kbid := range cve.KBIDs {
 		kbids = append(kbids, kbid.KBID)
 	}
@@ -80,6 +82,23 @@ func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveCont
 		option["kbids"] = strings.Join(kbids, ",")
 	}

+	vendorURL := "https://msrc.microsoft.com/update-guide/vulnerability/" + cve.CveID
+	mitigations := []models.Mitigation{}
+	if cve.Mitigation != "" {
+		mitigations = append(mitigations, models.Mitigation{
+			CveContentType: models.Microsoft,
+			Mitigation:     cve.Mitigation,
+			URL:            vendorURL,
+		})
+	}
+	if cve.Workaround != "" {
+		mitigations = append(mitigations, models.Mitigation{
+			CveContentType: models.Microsoft,
+			Mitigation:     cve.Workaround,
+			URL:            vendorURL,
+		})
+	}
+
 	return &models.CveContent{
 		Type:          models.Microsoft,
 		CveID:         cve.CveID,
@@ -90,10 +109,9 @@ func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveCont
 		Cvss3Severity: v3Severity,
 		References:    refs,
 		CweIDs:        cwe,
-		Mitigation:    cve.Mitigation,
 		Published:     cve.PublishDate,
 		LastModified:  cve.LastUpdateDate,
-		SourceLink:    "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/" + cve.CveID,
+		SourceLink:    vendorURL,
 		Optional:      option,
-	}
+	}, mitigations
 }
--- a/gost/pseudo.go
+++ b/gost/pseudo.go
@@ -1,9 +1,10 @@
+// +build !scanner
+
 package gost

 import (
 	"github.com/future-architect/vuls/models"
 	"github.com/knqyf263/gost/db"
-	"strings"
 )

 // Pseudo is Gost client except for RedHat family and Debian
@@ -15,7 +16,3 @@ type Pseudo struct {
 func (pse Pseudo) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (int, error) {
 	return 0, nil
 }
-
-func major(osVer string) (majorVersion string) {
-	return strings.Split(osVer, ".")[0]
-}
--- a/gost/redhat.go
+++ b/gost/redhat.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package gost

 import (
@@ -19,11 +21,48 @@ type RedHat struct {

 // DetectUnfixed fills cve information that has in Gost
 func (red RedHat) DetectUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNotFix bool) (nCVEs int, err error) {
-	return red.fillUnfixed(driver, r, ignoreWillNotFix)
+	return red.detectUnfixed(driver, r, ignoreWillNotFix)
 }

-func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
-	var cveIDs []string
+func (red RedHat) detectUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNotFix bool) (nCVEs int, err error) {
+	if config.Conf.Gost.IsFetchViaHTTP() {
+		prefix, _ := util.URLPathJoin(config.Conf.Gost.URL,
+			"redhat", major(r.Release), "pkgs")
+		responses, err := getAllUnfixedCvesViaHTTP(r, prefix)
+		if err != nil {
+			return 0, err
+		}
+		for _, res := range responses {
+			// CVE-ID: RedhatCVE
+			cves := map[string]gostmodels.RedhatCVE{}
+			if err := json.Unmarshal([]byte(res.json), &cves); err != nil {
+				return 0, err
+			}
+			for _, cve := range cves {
+				if newly := red.setUnfixedCveToScanResult(&cve, r); newly {
+					nCVEs++
+				}
+			}
+		}
+	} else {
+		if driver == nil {
+			return 0, nil
+		}
+		for _, pack := range r.Packages {
+			// CVE-ID: RedhatCVE
+			cves := driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name, ignoreWillNotFix)
+			for _, cve := range cves {
+				if newly := red.setUnfixedCveToScanResult(&cve, r); newly {
+					nCVEs++
+				}
+			}
+		}
+	}
+	return nCVEs, nil
+}
+
+func (red RedHat) fillCvesWithRedHatAPI(driver db.DB, r *models.ScanResult) error {
+	cveIDs := []string{}
 	for cveID, vuln := range r.ScannedCves {
 		if _, ok := vuln.CveContents[models.RedHatAPI]; ok {
 			continue
@@ -46,129 +85,68 @@ func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
 			if redCve.ID == 0 {
 				continue
 			}
-			cveCont := red.ConvertToModel(&redCve)
-			v, ok := r.ScannedCves[res.request.cveID]
-			if ok {
-				if v.CveContents == nil {
-					v.CveContents = models.NewCveContents(*cveCont)
-				} else {
-					v.CveContents[models.RedHatAPI] = *cveCont
-				}
-			} else {
-				v = models.VulnInfo{
-					CveID:       cveCont.CveID,
-					CveContents: models.NewCveContents(*cveCont),
-					Confidences: models.Confidences{models.RedHatAPIMatch},
-				}
-			}
-			r.ScannedCves[res.request.cveID] = v
+			red.setFixedCveToScanResult(&redCve, r)
 		}
 	} else {
 		if driver == nil {
 			return nil
 		}
-		for cveID, redCve := range driver.GetRedhatMulti(cveIDs) {
+		for _, redCve := range driver.GetRedhatMulti(cveIDs) {
 			if len(redCve.Name) == 0 {
 				continue
 			}
-			cveCont := red.ConvertToModel(&redCve)
-			v, ok := r.ScannedCves[cveID]
-			if ok {
-				if v.CveContents == nil {
-					v.CveContents = models.NewCveContents(*cveCont)
-				} else {
-					v.CveContents[models.RedHatAPI] = *cveCont
-				}
-			} else {
-				v = models.VulnInfo{
-					CveID:       cveCont.CveID,
-					CveContents: models.NewCveContents(*cveCont),
-					Confidences: models.Confidences{models.RedHatAPIMatch},
-				}
-			}
-			r.ScannedCves[cveID] = v
+			red.setFixedCveToScanResult(&redCve, r)
 		}
 	}

 	return nil
 }

-func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNotFix bool) (nCVEs int, err error) {
-	if config.Conf.Gost.IsFetchViaHTTP() {
-		prefix, _ := util.URLPathJoin(config.Conf.Gost.URL,
-			"redhat", major(r.Release), "pkgs")
-		responses, err := getAllUnfixedCvesViaHTTP(r, prefix)
-		if err != nil {
-			return 0, err
-		}
-		for _, res := range responses {
-			// CVE-ID: RedhatCVE
-			cves := map[string]gostmodels.RedhatCVE{}
-			if err := json.Unmarshal([]byte(res.json), &cves); err != nil {
-				return 0, err
-			}
-
-			for _, cve := range cves {
-				cveCont := red.ConvertToModel(&cve)
-				v, ok := r.ScannedCves[cve.Name]
-				if ok {
-					if v.CveContents == nil {
-						v.CveContents = models.NewCveContents(*cveCont)
-					} else {
-						v.CveContents[models.RedHatAPI] = *cveCont
-					}
-				} else {
-					v = models.VulnInfo{
-						CveID:       cveCont.CveID,
-						CveContents: models.NewCveContents(*cveCont),
-						Confidences: models.Confidences{models.RedHatAPIMatch},
-					}
-					nCVEs++
-				}
-				pkgStats := red.mergePackageStates(v,
-					cve.PackageState, r.Packages, r.Release)
-				if 0 < len(pkgStats) {
-					v.AffectedPackages = pkgStats
-					r.ScannedCves[cve.Name] = v
-				}
-			}
+func (red RedHat) setFixedCveToScanResult(cve *gostmodels.RedhatCVE, r *models.ScanResult) {
+	cveCont, mitigations := red.ConvertToModel(cve)
+	v, ok := r.ScannedCves[cveCont.CveID]
+	if ok {
+		if v.CveContents == nil {
+			v.CveContents = models.NewCveContents(*cveCont)
+		} else {
+			v.CveContents[models.RedHatAPI] = *cveCont
 		}
 	} else {
-		if driver == nil {
-			return 0, nil
-		}
-		for _, pack := range r.Packages {
-			// CVE-ID: RedhatCVE
-			cves := map[string]gostmodels.RedhatCVE{}
-			cves = driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name, ignoreWillNotFix)
-			for _, cve := range cves {
-				cveCont := red.ConvertToModel(&cve)
-				v, ok := r.ScannedCves[cve.Name]
-				if ok {
-					if v.CveContents == nil {
-						v.CveContents = models.NewCveContents(*cveCont)
-					} else {
-						v.CveContents[models.RedHatAPI] = *cveCont
-					}
-				} else {
-					v = models.VulnInfo{
-						CveID:       cveCont.CveID,
-						CveContents: models.NewCveContents(*cveCont),
-						Confidences: models.Confidences{models.RedHatAPIMatch},
-					}
-					nCVEs++
-				}
-
-				pkgStats := red.mergePackageStates(v,
-					cve.PackageState, r.Packages, r.Release)
-				if 0 < len(pkgStats) {
-					v.AffectedPackages = pkgStats
-					r.ScannedCves[cve.Name] = v
-				}
-			}
+		v = models.VulnInfo{
+			CveID:       cveCont.CveID,
+			CveContents: models.NewCveContents(*cveCont),
+			Confidences: models.Confidences{models.RedHatAPIMatch},
 		}
 	}
-	return nCVEs, nil
+	v.Mitigations = append(v.Mitigations, mitigations...)
+	r.ScannedCves[cveCont.CveID] = v
+}
+
+func (red RedHat) setUnfixedCveToScanResult(cve *gostmodels.RedhatCVE, r *models.ScanResult) (newly bool) {
+	cveCont, mitigations := red.ConvertToModel(cve)
+	v, ok := r.ScannedCves[cve.Name]
+	if ok {
+		if v.CveContents == nil {
+			v.CveContents = models.NewCveContents(*cveCont)
+		} else {
+			v.CveContents[models.RedHatAPI] = *cveCont
+		}
+	} else {
+		v = models.VulnInfo{
+			CveID:       cveCont.CveID,
+			CveContents: models.NewCveContents(*cveCont),
+			Confidences: models.Confidences{models.RedHatAPIMatch},
+		}
+		newly = true
+	}
+	v.Mitigations = append(v.Mitigations, mitigations...)
+	pkgStats := red.mergePackageStates(v,
+		cve.PackageState, r.Packages, r.Release)
+	if 0 < len(pkgStats) {
+		v.AffectedPackages = pkgStats
+		r.ScannedCves[cve.Name] = v
+	}
+	return
 }

 func (red RedHat) mergePackageStates(v models.VulnInfo, ps []gostmodels.RedhatPackageState, installed models.Packages, release string) (pkgStats models.PackageFixStatuses) {
@@ -219,7 +197,7 @@ func (red RedHat) parseCwe(str string) (cwes []string) {
 }

 // ConvertToModel converts gost model to vuls model
-func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
+func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) (*models.CveContent, []models.Mitigation) {
 	cwes := red.parseCwe(cve.Cwe)

 	details := []string{}
@@ -245,11 +223,23 @@ func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
 		v3severity = cve.ThreatSeverity
 	}

-	var refs []models.Reference
+	refs := []models.Reference{}
 	for _, r := range cve.References {
 		refs = append(refs, models.Reference{Link: r.Reference})
 	}

+	vendorURL := "https://access.redhat.com/security/cve/" + cve.Name
+	mitigations := []models.Mitigation{}
+	if cve.Mitigation != "" {
+		mitigations = []models.Mitigation{
+			{
+				CveContentType: models.RedHatAPI,
+				Mitigation:     cve.Mitigation,
+				URL:            vendorURL,
+			},
+		}
+	}
+
 	return &models.CveContent{
 		Type:          models.RedHatAPI,
 		CveID:         cve.Name,
@@ -263,8 +253,7 @@ func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
 		Cvss3Severity: v3severity,
 		References:    refs,
 		CweIDs:        cwes,
-		Mitigation:    cve.Mitigation,
 		Published:     cve.PublicDate,
-		SourceLink:    "https://access.redhat.com/security/cve/" + cve.Name,
-	}
+		SourceLink:    vendorURL,
+	}, mitigations
 }
--- a/gost/util.go
+++ b/gost/util.go
@@ -2,6 +2,7 @@ package gost

 import (
 	"net/http"
+	"strings"
 	"time"

 	"github.com/cenkalti/backoff"
@@ -153,13 +154,13 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er
 	count, retryMax := 0, 3
 	f := func() (err error) {
 		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-		resp, body, errs = gorequest.New().Get(url).End()
+		resp, body, errs = gorequest.New().Timeout(10 * time.Second).Get(url).End()
 		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
 			count++
 			if count == retryMax {
 				return nil
 			}
-			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)
+			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs)
 		}
 		return nil
 	}
@@ -181,3 +182,7 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er
 		json:    body,
 	}
 }
+
+func major(osVer string) (majorVersion string) {
+	return strings.Split(osVer, ".")[0]
+}
--- a/img/hello-vuls-tui.png
+++ b/img/hello-vuls-tui.png
--- a/img/vuls-architecture-localscan.graphml
+++ b/img/vuls-architecture-localscan.graphml
--- a/img/vuls-architecture-localscan.png
+++ b/img/vuls-architecture-localscan.png
--- a/img/vuls-architecture.graphml
+++ b/img/vuls-architecture.graphml
--- a/img/vuls-architecture.png
+++ b/img/vuls-architecture.png
--- a/img/vuls-motivation.graphml
+++ b/img/vuls-motivation.graphml
--- a/img/vuls-scan-flow-fast.graphml
+++ b/img/vuls-scan-flow-fast.graphml
@@ -1,414 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
-  <!--Created by yEd 3.17-->
-  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
-  <key for="port" id="d1" yfiles.type="portgraphics"/>
-  <key for="port" id="d2" yfiles.type="portgeometry"/>
-  <key for="port" id="d3" yfiles.type="portuserdata"/>
-  <key attr.name="url" attr.type="string" for="node" id="d4"/>
-  <key attr.name="description" attr.type="string" for="node" id="d5"/>
-  <key for="node" id="d6" yfiles.type="nodegraphics"/>
-  <key for="graphml" id="d7" yfiles.type="resources"/>
-  <key attr.name="url" attr.type="string" for="edge" id="d8"/>
-  <key attr.name="description" attr.type="string" for="edge" id="d9"/>
-  <key for="edge" id="d10" yfiles.type="edgegraphics"/>
-  <graph edgedefault="directed" id="G">
-    <data key="d0"/>
-    <node id="n0">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="0.0"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="83.482421875" x="92.2587890625" y="18.93359375">Detect the OS<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n1">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.decision">
-          <y:Geometry height="40.0" width="80.0" x="403.6849206349206" y="206.44247787610618"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="38.0" y="18.0">
-            <y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n2">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="90.44247787610618" width="268.0" x="309.6849206349206" y="86.0"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="right" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="88.796875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="170.763671875" x="48.61816406250006" y="0.8228014380530908">Get installed packages
-Alpine: apk
-Debian/Ubuntu: dpkg-query
-Amazon/RHEL/CentOS: rpm
-SUSE: zypper
-FreeBSD: pkg<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n3">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="630.0546766682629"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="152.634765625" x="57.6826171875" y="18.93359375">Write results to JSON files<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n4">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="287.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="232.744140625" x="17.6279296875" y="4.80078125">Get CVE IDs by using package manager
-Amazon: yum plugin security
-FreeBSD: pkg audit<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n5">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="750.4705298628534"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="42.595703125" x="112.7021484375" y="18.93359375">Report<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n6" yfiles.foldertype="group">
-      <data key="d4"/>
-      <data key="d6">
-        <y:ProxyAutoBoundsNode>
-          <y:Realizers active="0">
-            <y:GroupNode>
-              <y:Geometry height="116.89483989807195" width="333.6788874841973" x="234.29467728596296" y="709.1901021013174"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="333.6788874841973" x="0.0" y="0.0">Vulnerability Database</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-            <y:GroupNode>
-              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 1</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-          </y:Realizers>
-        </y:ProxyAutoBoundsNode>
-      </data>
-      <graph edgedefault="directed" id="n6:">
-        <node id="n6::n0">
-          <data key="d6">
-            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="416.1341210280616" y="745.8561177263174"/>
-              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="117.970703125" x="9.434370308549205" y="23.548005886535975">CVE DB (NVD / JVN)<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-            </y:GenericNode>
-          </data>
-        </node>
-        <node id="n6::n1">
-          <data key="d6">
-            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="249.29467728596296" y="745.8561177263174"/>
-              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.533203125" x="40.653120308549205" y="23.548005886535975">OVAL DB<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-            </y:GenericNode>
-          </data>
-        </node>
-      </graph>
-    </node>
-    <node id="n7">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="27.144753476611868" y="287.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="260.83984375" x="3.580078125" y="11.8671875">Check upgradable packages
-Debian/Ubuntu: apt-get upgrade --dry-run<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n8">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.loopLimit">
-          <y:Geometry height="51.10998735777497" width="137.19216182048035" x="92.54867256637169" y="376.28592169721867"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="131.751953125" x="2.7201043477401754" y="9.422181178887513">foreach 
-upgradable  packages<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="5.551115123125783E-16" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n9">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="27.144753476611868" y="459.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="213.619140625" x="27.1904296875" y="11.8671875">Parse changelog and get  CVE IDs
-Debian/Ubuntu: aptitude changelog<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n10">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.loopLimitEnd">
-          <y:Geometry height="50.0" width="137.0" x="92.64475347661187" y="545.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.24609375" x="40.876953125" y="15.93359375">end loop<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <edge id="e0" source="n2" target="n1">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="45.22123893805309" tx="0.0" ty="-20.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e1" source="n1" target="n4">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="40.0" sy="0.0" tx="0.0" ty="-28.0">
-            <y:Point x="743.3698412698412" y="226.44247787610618"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="51.806640625" x="183.35883739927397" y="2.000003510871693">Amazon
-FreeBSD<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="1.9999999999998863" distanceToCenter="false" position="right" ratio="0.7796030035582084" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e2" source="n0" target="n2">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-45.22123893805309"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e3" source="n5" target="n6">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="10.8330078125"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e4" source="n1" target="n3">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="-123.36984126984123" ty="0.0">
-            <y:Point x="443.6849206349206" y="658.0546766682629"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="102.9296875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="77.078125" x="-97.68364242524859" y="5.005267793098369">Alpine Linux
-CentOS
-RHEL
-Ubuntu
-Debian
-Oracle Linux
-Suse<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="59.14459455430983" distanceToCenter="true" position="right" ratio="0.0" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e5" source="n4" target="n3">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e6" source="n7" target="n8">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.554993678887485"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e7" source="n8" target="n9">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="25.554993678887485" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e8" source="n9" target="n10">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e9" source="n3" target="n5">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e10" source="n1" target="n7">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
-            <y:Point x="161.14475347661187" y="226.44247787610618"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="56.98046875" x="-196.80057112212188" y="20.933597260871807">Raspbian<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="left" ratio="0.6447921222409765" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e11" source="n10" target="n3">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="-125.78842258255952" ty="0.0">
-            <y:Point x="161.14475347661187" y="658.0546766682629"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-  </graph>
-  <data key="d7">
-    <y:Resources/>
-  </data>
-</graphml>
--- a/img/vuls-scan-flow-fast.png
+++ b/img/vuls-scan-flow-fast.png
--- a/img/vuls-scan-flow.graphml
+++ b/img/vuls-scan-flow.graphml
@@ -1,515 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
-  <!--Created by yEd 3.17-->
-  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
-  <key for="port" id="d1" yfiles.type="portgraphics"/>
-  <key for="port" id="d2" yfiles.type="portgeometry"/>
-  <key for="port" id="d3" yfiles.type="portuserdata"/>
-  <key attr.name="url" attr.type="string" for="node" id="d4"/>
-  <key attr.name="description" attr.type="string" for="node" id="d5"/>
-  <key for="node" id="d6" yfiles.type="nodegraphics"/>
-  <key for="graphml" id="d7" yfiles.type="resources"/>
-  <key attr.name="url" attr.type="string" for="edge" id="d8"/>
-  <key attr.name="description" attr.type="string" for="edge" id="d9"/>
-  <key for="edge" id="d10" yfiles.type="edgegraphics"/>
-  <graph edgedefault="directed" id="G">
-    <data key="d0"/>
-    <node id="n0">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="0.0"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="83.482421875" x="92.2587890625" y="18.93359375">Detect the OS<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n1">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.decision">
-          <y:Geometry height="40.0" width="80.0" x="403.6849206349206" y="206.44247787610618"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="38.0" y="18.0">
-            <y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n2">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="90.44247787610618" width="268.0" x="309.6849206349206" y="86.0"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="right" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="88.796875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="170.763671875" x="48.61816406250006" y="0.8228014380530908">Get installed packages
-Alpine Linux: apk
-Debian/Ubuntu: dpkg-query
-Amazon/RHEL/CentOS: rpm
-FreeBSD: pkg
-SUSE: zypper<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n3">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="10.0" y="287.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="260.83984375" x="3.580078125" y="11.8671875">Check upgradable packages
-Debian/Ubuntu: apt-get upgrade --dry-run<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n4">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.loopLimit">
-          <y:Geometry height="51.10998735777497" width="137.19216182048035" x="75.40391908975982" y="376.28592169721867"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="131.751953125" x="2.7201043477401754" y="9.422181178887513">foreach 
-upgradable  packages<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="5.551115123125783E-16" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n5">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="10.0" y="459.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="213.619140625" x="27.1904296875" y="11.8671875">Parse changelog and get  CVE IDs
-Debian/Ubuntu: aptitude changelog<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n6">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.loopLimitEnd">
-          <y:Geometry height="50.0" width="137.0" x="75.5" y="545.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.24609375" x="40.876953125" y="15.93359375">end loop<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n7">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="625.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="152.634765625" x="57.6826171875" y="18.93359375">Write results to JSON files<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n8">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="287.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="232.744140625" x="17.6279296875" y="4.80078125">Get CVE IDs by using package manager
-Amazon/RHEL: yum plugin security
-FreeBSD: pkg audit<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n9">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="716.4553275126422"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="42.595703125" x="112.7021484375" y="18.93359375">Report<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n10">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="371.39590905499364"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="293.06640625" x="-12.533203124999943" y="11.8671875">Get all changelogs of updatable packages at once
-yum changelog<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n11">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.68492063492056" y="459.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="205.52734375" x="31.236328125000057" y="18.93359375">Parse changelogs and get CVE IDs <y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n12">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="373.8409153761062"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="293.06640625" x="-12.533203124999886" y="11.8671875">Get all changelogs of updatable packages at once
-Amazon / RHEL: yum changelog<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n13" yfiles.foldertype="group">
-      <data key="d4"/>
-      <data key="d6">
-        <y:ProxyAutoBoundsNode>
-          <y:Realizers active="0">
-            <y:GroupNode>
-              <y:Geometry height="116.89483989807195" width="333.6788874841973" x="229.74083438685204" y="675.1748997511062"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="333.6788874841973" x="0.0" y="0.0">Vulnerability Database</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-            <y:GroupNode>
-              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 1</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-          </y:Realizers>
-        </y:ProxyAutoBoundsNode>
-      </data>
-      <graph edgedefault="directed" id="n13:">
-        <node id="n13::n0">
-          <data key="d6">
-            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="411.5802781289507" y="711.8409153761062"/>
-              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="117.970703125" x="9.434370308549205" y="23.548005886535975">CVE DB (NVD / JVN)<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-            </y:GenericNode>
-          </data>
-        </node>
-        <node id="n13::n1">
-          <data key="d6">
-            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="244.74083438685204" y="711.8409153761062"/>
-              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.533203125" x="40.653120308549205" y="23.548005886535975">OVAL DB<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-            </y:GenericNode>
-          </data>
-        </node>
-      </graph>
-    </node>
-    <edge id="e0" source="n2" target="n1">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="45.22123893805309" tx="0.0" ty="-20.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e1" source="n1" target="n3">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="-40.0" sy="0.0" tx="0.0" ty="-28.0">
-            <y:Point x="144.0" y="226.44247787610618"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="56.98046875" x="-257.65322875976574" y="2.0000035108718635">Debian
-Ubuntu
-Raspbian<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="1.9999999999998863" distanceToCenter="false" position="left" ratio="0.8652035780364729" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e2" source="n3" target="n4">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.554993678887485"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e3" source="n4" target="n5">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="25.554993678887485" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e4" source="n5" target="n6">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e5" source="n6" target="n7">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="68.5" sy="0.0" tx="0.0" ty="-28.0">
-            <y:Point x="743.3698412698412" y="570.8409153761062"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e6" source="n1" target="n8">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="40.0" sy="0.0" tx="0.0" ty="-28.0">
-            <y:Point x="743.3698412698412" y="226.44247787610618"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="51.806640625" x="200.87829463898197" y="4.000003510871693">Amazon
-RHEL
-FreeBSD<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="6.999999999999886" distanceToCenter="false" position="right" ratio="0.8192728556300707" segment="-1"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e7" source="n0" target="n2">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-45.22123893805309"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e8" source="n7" target="n9">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e9" source="n1" target="n10">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="20.0" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="46.708984375" x="-53.35447755843876" y="5.000003510871807">CentOS<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="right" ratio="0.0" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e10" source="n10" target="n11">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e11" source="n11" target="n7">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="-24.34091537610618">
-            <y:Point x="743.3698412698412" y="487.8409153761062"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e12" source="n8" target="n12">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e13" source="n12" target="n7">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e14" source="n9" target="n13">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="10.8330078125"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e15" source="n1" target="n7">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
-            <y:Point x="999.0" y="226.44247787610618"/>
-            <y:Point x="999.0" y="570.8409153761062"/>
-            <y:Point x="743.3698412698412" y="570.8409153761062"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="76.8203125" x="422.923942251054" y="13.867191010871807">Alpine Linux
-SUSE<y:LabelModel>
-              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="right" ratio="0.8856709076027529" segment="0"/>
-            </y:ModelParameter>
-            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
-          </y:EdgeLabel>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-  </graph>
-  <data key="d7">
-    <y:Resources/>
-  </data>
-</graphml>
--- a/img/vuls-scan-flow.png
+++ b/img/vuls-scan-flow.png
--- a/img/vuls-slack-ja.png
+++ b/img/vuls-slack-ja.png
--- a/img/vuls-usecase-elb-rails-rds-all.graphml
+++ b/img/vuls-usecase-elb-rails-rds-all.graphml
@@ -1,265 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
-  <!--Created by yEd 3.14.2-->
-  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
-  <key for="port" id="d1" yfiles.type="portgraphics"/>
-  <key for="port" id="d2" yfiles.type="portgeometry"/>
-  <key for="port" id="d3" yfiles.type="portuserdata"/>
-  <key attr.name="url" attr.type="string" for="node" id="d4"/>
-  <key attr.name="description" attr.type="string" for="node" id="d5"/>
-  <key for="node" id="d6" yfiles.type="nodegraphics"/>
-  <key for="graphml" id="d7" yfiles.type="resources"/>
-  <key attr.name="url" attr.type="string" for="edge" id="d8"/>
-  <key attr.name="description" attr.type="string" for="edge" id="d9"/>
-  <key for="edge" id="d10" yfiles.type="edgegraphics"/>
-  <graph edgedefault="directed" id="G">
-    <data key="d0"/>
-    <node id="n0">
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="478.6165008544913" y="1358.206868489578"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="28.87890625" x="22.185546875" y="15.93359375">Vuls<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n1">
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="711.9623756408686" y="1043.7241210937468"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="38.623046875" x="17.3134765625" y="15.93359375">Nginx<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n2">
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="711.9623756408686" y="1287.206868489578"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="42.7890625" x="15.23046875" y="15.93359375">MySQL<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n3" yfiles.foldertype="group">
-      <data key="d4"/>
-      <data key="d6">
-        <y:ProxyAutoBoundsNode>
-          <y:Realizers active="0">
-            <y:GroupNode>
-              <y:Geometry height="101.666015625" width="291.7208747863772" x="602.72693824768" y="1146.2994791666624"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" modelName="internal" modelPosition="t" textColor="#000000" visible="true" width="291.7208747863772" x="0.0" y="0.0">Web/App</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="23" leftF="23.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-            <y:GroupNode>
-              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" modelName="internal" modelPosition="t" textColor="#000000" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 5</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-          </y:Realizers>
-        </y:ProxyAutoBoundsNode>
-      </data>
-      <graph edgedefault="directed" id="n3:">
-        <node id="n3::n0">
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="640.72693824768" y="1182.9654947916624"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-        <node id="n3::n1">
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="723.4623756408686" y="1182.9654947916624"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-        <node id="n3::n2">
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="806.1978130340572" y="1182.9654947916624"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-      </graph>
-    </node>
-    <node id="n4">
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="821.1978130340572" y="1287.206868489578"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="35.412109375" x="18.9189453125" y="15.93359375">Redis<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <edge id="e0" source="n3" target="n1">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e1" source="n3" target="n2">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e2" source="n0" target="n3::n0">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e3" source="n0" target="n3::n1">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e4" source="n0" target="n3::n2">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e5" source="n3" target="n4">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e6" source="n0" target="n4">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e7" source="n0" target="n1">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e8" source="n0" target="n2">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="dashed" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-  </graph>
-  <data key="d7">
-    <y:Resources/>
-  </data>
-</graphml>
--- a/img/vuls-usecase-elb-rails-rds-all.png
+++ b/img/vuls-usecase-elb-rails-rds-all.png
--- a/img/vuls-usecase-elb-rails-rds-single.graphml
+++ b/img/vuls-usecase-elb-rails-rds-single.graphml
@@ -1,194 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
-  <!--Created by yEd 3.14.2-->
-  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
-  <key for="port" id="d1" yfiles.type="portgraphics"/>
-  <key for="port" id="d2" yfiles.type="portgeometry"/>
-  <key for="port" id="d3" yfiles.type="portuserdata"/>
-  <key attr.name="url" attr.type="string" for="node" id="d4"/>
-  <key attr.name="description" attr.type="string" for="node" id="d5"/>
-  <key for="node" id="d6" yfiles.type="nodegraphics"/>
-  <key for="graphml" id="d7" yfiles.type="resources"/>
-  <key attr.name="url" attr.type="string" for="edge" id="d8"/>
-  <key attr.name="description" attr.type="string" for="edge" id="d9"/>
-  <key for="edge" id="d10" yfiles.type="edgegraphics"/>
-  <graph edgedefault="directed" id="G">
-    <data key="d0"/>
-    <node id="n0">
-      <data key="d5"/>
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="508.30825042724564" y="1132.4827473958312"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="28.87890625" x="22.185546875" y="15.93359375">Vuls<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n1">
-      <data key="d5"/>
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="749.6541252136229" y="993.2413736979156"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="23.8046875" x="24.72265625" y="15.93359375">ELB<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n2">
-      <data key="d5"/>
-      <data key="d6">
-        <y:ShapeNode>
-          <y:Geometry height="50.0" width="73.25" x="749.6541252136229" y="1236.7241210937468"/>
-          <y:Fill color="#C0C0C0" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="27.0390625" x="23.10546875" y="15.93359375">RDS<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-          <y:Shape type="roundrectangle"/>
-        </y:ShapeNode>
-      </data>
-    </node>
-    <node id="n3" yfiles.foldertype="group">
-      <data key="d4"/>
-      <data key="d5"/>
-      <data key="d6">
-        <y:ProxyAutoBoundsNode>
-          <y:Realizers active="0">
-            <y:GroupNode>
-              <y:Geometry height="101.666015625" width="291.7208747863772" x="640.4186878204343" y="1095.8167317708312"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" modelName="internal" modelPosition="t" textColor="#000000" visible="true" width="291.7208747863772" x="0.0" y="0.0">Web/App</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="23" leftF="23.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-            <y:GroupNode>
-              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
-              <y:Fill color="#F5F5F5" transparent="false"/>
-              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
-              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" modelName="internal" modelPosition="t" textColor="#000000" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 5</y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
-              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
-              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
-            </y:GroupNode>
-          </y:Realizers>
-        </y:ProxyAutoBoundsNode>
-      </data>
-      <graph edgedefault="directed" id="n3:">
-        <node id="n3::n0">
-          <data key="d5"/>
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="678.4186878204343" y="1132.4827473958312"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-        <node id="n3::n1">
-          <data key="d5"/>
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="761.1541252136229" y="1132.4827473958312"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-        <node id="n3::n2">
-          <data key="d5"/>
-          <data key="d6">
-            <y:ShapeNode>
-              <y:Geometry height="50.0" width="73.25" x="843.8895626068115" y="1132.4827473958312"/>
-              <y:Fill color="#C0C0C0" transparent="false"/>
-              <y:BorderStyle color="#000000" type="line" width="1.0"/>
-              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="31.26953125" x="20.990234375" y="15.93359375">Rails<y:LabelModel>
-                  <y:SmartNodeLabelModel distance="4.0"/>
-                </y:LabelModel>
-                <y:ModelParameter>
-                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-                </y:ModelParameter>
-              </y:NodeLabel>
-              <y:Shape type="roundrectangle"/>
-            </y:ShapeNode>
-          </data>
-        </node>
-      </graph>
-    </node>
-    <edge id="e0" source="n3" target="n1">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e1" source="n3" target="n2">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e2" source="n0" target="n3::n0">
-      <data key="d9"/>
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-  </graph>
-  <data key="d7">
-    <y:Resources/>
-  </data>
-</graphml>
--- a/img/vuls-usecase-elb-rails-rds-single.png
+++ b/img/vuls-usecase-elb-rails-rds-single.png
--- a/libmanager/libManager.go
+++ b/libmanager/libManager.go
@@ -17,8 +17,9 @@ import (
 	"github.com/future-architect/vuls/util"
 )

-// FillLibrary fills LibraryScanner informations
-func FillLibrary(r *models.ScanResult) (totalCnt int, err error) {
+// DetectLibsCves fills LibraryScanner information
+func DetectLibsCves(r *models.ScanResult) (err error) {
+	totalCnt := 0
 	if len(r.LibraryScanners) == 0 {
 		return
 	}
@@ -26,32 +27,40 @@ func FillLibrary(r *models.ScanResult) (totalCnt int, err error) {
 	// initialize trivy's logger and db
 	err = log.InitLogger(false, false)
 	if err != nil {
-		return 0, err
+		return err
 	}

 	util.Log.Info("Updating library db...")
 	if err := downloadDB(config.Version, config.Conf.TrivyCacheDBDir, config.Conf.NoProgress, false, false); err != nil {
-		return 0, err
+		return err
 	}

 	if err := db2.Init(config.Conf.TrivyCacheDBDir); err != nil {
-		return 0, err
+		return err
 	}
 	defer db2.Close()

 	for _, lib := range r.LibraryScanners {
 		vinfos, err := lib.Scan()
 		if err != nil {
-			return 0, err
+			return err
 		}
 		for _, vinfo := range vinfos {
 			vinfo.Confidences.AppendIfMissing(models.TrivyMatch)
-			r.ScannedCves[vinfo.CveID] = vinfo
+			if v, ok := r.ScannedCves[vinfo.CveID]; !ok {
+				r.ScannedCves[vinfo.CveID] = vinfo
+			} else {
+				v.LibraryFixedIns = append(v.LibraryFixedIns, vinfo.LibraryFixedIns...)
+				r.ScannedCves[vinfo.CveID] = v
+			}
 		}
 		totalCnt += len(vinfos)
 	}

-	return totalCnt, nil
+	util.Log.Infof("%s: %d CVEs are detected with Library",
+		r.FormatServerName(), totalCnt)
+
+	return nil
 }

 func downloadDB(appVersion, cacheDir string, quiet, light, skipUpdate bool) error {
--- a/models/cvecontents.go
+++ b/models/cvecontents.go
@@ -1,6 +1,7 @@
 package models

 import (
+	"strings"
 	"time"

 	"github.com/aquasecurity/trivy-db/pkg/vulnsrc/vulnerability"
@@ -42,15 +43,23 @@ func (v CveContents) Except(exceptCtypes ...CveContentType) (values CveContents)
 	return
 }

-// SourceLinks returns link of source
-func (v CveContents) SourceLinks(lang, myFamily, cveID string) (values []CveContentStr) {
-	if lang == "ja" {
-		if cont, found := v[Jvn]; found && 0 < len(cont.SourceLink) {
-			values = append(values, CveContentStr{Jvn, cont.SourceLink})
+// PrimarySrcURLs returns link of source
+func (v CveContents) PrimarySrcURLs(lang, myFamily, cveID string) (values []CveContentStr) {
+	if cveID == "" {
+		return
+	}
+
+	if cont, found := v[Nvd]; found {
+		for _, r := range cont.References {
+			for _, t := range r.Tags {
+				if t == "Vendor Advisory" {
+					values = append(values, CveContentStr{Nvd, r.Link})
+				}
+			}
 		}
 	}

-	order := CveContentTypes{Nvd, NvdXML, NewCveContentType(myFamily)}
+	order := CveContentTypes{Nvd, NewCveContentType(myFamily), GitHub}
 	for _, ctype := range order {
 		if cont, found := v[ctype]; found {
 			if cont.SourceLink == "" {
@@ -60,7 +69,13 @@ func (v CveContents) SourceLinks(lang, myFamily, cveID string) (values []CveCont
 		}
 	}

-	if len(values) == 0 {
+	if lang == "ja" {
+		if cont, found := v[Jvn]; found && 0 < len(cont.SourceLink) {
+			values = append(values, CveContentStr{Jvn, cont.SourceLink})
+		}
+	}
+
+	if len(values) == 0 && strings.HasPrefix(cveID, "CVE") {
 		return []CveContentStr{{
 			Type:  Nvd,
 			Value: "https://nvd.nist.gov/vuln/detail/" + cveID,
@@ -69,6 +84,22 @@ func (v CveContents) SourceLinks(lang, myFamily, cveID string) (values []CveCont
 	return values
 }

+// PatchURLs returns link of patch
+func (v CveContents) PatchURLs() (urls []string) {
+	cont, found := v[Nvd]
+	if !found {
+		return
+	}
+	for _, r := range cont.References {
+		for _, t := range r.Tags {
+			if t == "Patch" {
+				urls = append(urls, r.Link)
+			}
+		}
+	}
+	return
+}
+
 /*
 // Severities returns Severities
 func (v CveContents) Severities(myFamily string) (values []CveContentStr) {
@@ -184,7 +215,6 @@ type CveContent struct {
 	CweIDs        []string          `json:"cweIDs,omitempty"`
 	Published     time.Time         `json:"published"`
 	LastModified  time.Time         `json:"lastModified"`
-	Mitigation    string            `json:"mitigation"` // RedHat API
 	Optional      map[string]string `json:"optional,omitempty"`
 }

@@ -199,8 +229,6 @@ type CveContentType string
 // NewCveContentType create CveContentType
 func NewCveContentType(name string) CveContentType {
 	switch name {
-	case "nvdxml":
-		return NvdXML
 	case "nvd":
 		return Nvd
 	case "jvn":
@@ -220,31 +248,20 @@ func NewCveContentType(name string) CveContentType {
 	case "microsoft":
 		return Microsoft
 	case "wordpress":
-		return WPVulnDB
+		return WpScan
 	case "amazon":
 		return Amazon
 	case "trivy":
 		return Trivy
-	// case vulnerability.NodejsSecurityWg:
-	// 	return NodeSec
-	// case vulnerability.PythonSafetyDB:
-	// 	return PythonSec
-	// case vulnerability.RustSec:
-	// 	return RustSec
-	// case vulnerability.PhpSecurityAdvisories:
-	// 	return PhpSec
-	// case vulnerability.RubySec:
-	// 	return RubySec
+	case "GitHub":
+		return Trivy
 	default:
 		return Unknown
 	}
 }

 const (
-	// NvdXML is NvdXML
-	NvdXML CveContentType = "nvdxml"
-
-	// Nvd is Nvd
+	// Nvd is Nvd JSON
 	Nvd CveContentType = "nvd"

 	// Jvn is Jvn
@@ -256,7 +273,7 @@ const (
 	// RedHatAPI is RedHat
 	RedHatAPI CveContentType = "redhat_api"

-	// DebianSecurityTracker is Debian Secury tracker
+	// DebianSecurityTracker is Debian Security tracker
 	DebianSecurityTracker CveContentType = "debian_security_tracker"

 	// Debian is Debian
@@ -277,26 +294,14 @@ const (
 	// Microsoft is Microsoft
 	Microsoft CveContentType = "microsoft"

-	// WPVulnDB is WordPress
-	WPVulnDB CveContentType = "wpvulndb"
+	// WpScan is WordPress
+	WpScan CveContentType = "wpscan"

 	// Trivy is Trivy
 	Trivy CveContentType = "trivy"

-	// NodeSec : for JS
-	// NodeSec CveContentType = "node"
-
-	// // PythonSec : for PHP
-	// PythonSec CveContentType = "python"
-
-	// // PhpSec : for PHP
-	// PhpSec CveContentType = "php"
-
-	// // RubySec : for Ruby
-	// RubySec CveContentType = "ruby"
-
-	// // RustSec : for Rust
-	// RustSec CveContentType = "rust"
+	// GitHub is GitHub Security Alerts
+	GitHub CveContentType = "github"

 	// Unknown is Unknown
 	Unknown CveContentType = "unknown"
@@ -308,7 +313,6 @@ type CveContentTypes []CveContentType
 // AllCveContetTypes has all of CveContentTypes
 var AllCveContetTypes = CveContentTypes{
 	Nvd,
-	NvdXML,
 	Jvn,
 	RedHat,
 	RedHatAPI,
@@ -317,13 +321,9 @@ var AllCveContetTypes = CveContentTypes{
 	Amazon,
 	SUSE,
 	DebianSecurityTracker,
-	WPVulnDB,
+	WpScan,
 	Trivy,
-	// NodeSec,
-	// PythonSec,
-	// PhpSec,
-	// RubySec,
-	// RustSec,
+	GitHub,
 }

 // Except returns CveContentTypes except for given args
@@ -354,7 +354,8 @@ type References []Reference

 // Reference has a related link of the CVE
 type Reference struct {
-	Source string `json:"source"`
-	Link   string `json:"link"`
-	RefID  string `json:"refID"`
+	Link   string   `json:"link,omitempty"`
+	Source string   `json:"source,omitempty"`
+	RefID  string   `json:"refID,omitempty"`
+	Tags   []string `json:"tags,omitempty"`
 }
--- a/models/cvecontents_test.go
+++ b/models/cvecontents_test.go
@@ -52,25 +52,43 @@ func TestSourceLinks(t *testing.T) {
 						Type:       RedHat,
 						SourceLink: "https://access.redhat.com/security/cve/CVE-2017-6074",
 					},
-					NvdXML: {
-						Type:       NvdXML,
+					Nvd: {
+						Type: Nvd,
+						References: []Reference{
+							{
+								Link:   "https://lists.apache.org/thread.html/765be3606d865de513f6df9288842c3cf58b09a987c617a535f2b99d@%3Cusers.tapestry.apache.org%3E",
+								Source: "",
+								RefID:  "",
+								Tags:   []string{"Vendor Advisory"},
+							},
+							{
+								Link:   "http://yahoo.com",
+								Source: "",
+								RefID:  "",
+								Tags:   []string{"Vendor"},
+							},
+						},
 						SourceLink: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
 					},
 				},
 			},
 			out: []CveContentStr{
 				{
-					Type:  Jvn,
-					Value: "https://jvn.jp/vu/JVNVU93610402/",
+					Type:  Nvd,
+					Value: "https://lists.apache.org/thread.html/765be3606d865de513f6df9288842c3cf58b09a987c617a535f2b99d@%3Cusers.tapestry.apache.org%3E",
 				},
 				{
-					Type:  NvdXML,
+					Type:  Nvd,
 					Value: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
 				},
 				{
 					Type:  RedHat,
 					Value: "https://access.redhat.com/security/cve/CVE-2017-6074",
 				},
+				{
+					Type:  Jvn,
+					Value: "https://jvn.jp/vu/JVNVU93610402/",
+				},
 			},
 		},
 		// lang: en
@@ -87,17 +105,9 @@ func TestSourceLinks(t *testing.T) {
 						Type:       RedHat,
 						SourceLink: "https://access.redhat.com/security/cve/CVE-2017-6074",
 					},
-					NvdXML: {
-						Type:       NvdXML,
-						SourceLink: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
-					},
 				},
 			},
 			out: []CveContentStr{
-				{
-					Type:  NvdXML,
-					Value: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
-				},
 				{
 					Type:  RedHat,
 					Value: "https://access.redhat.com/security/cve/CVE-2017-6074",
@@ -120,71 +130,9 @@ func TestSourceLinks(t *testing.T) {
 		},
 	}
 	for i, tt := range tests {
-		actual := tt.in.cont.SourceLinks(tt.in.lang, "redhat", tt.in.cveID)
+		actual := tt.in.cont.PrimarySrcURLs(tt.in.lang, "redhat", tt.in.cveID)
 		if !reflect.DeepEqual(tt.out, actual) {
 			t.Errorf("\n[%d] expected: %v\n  actual: %v\n", i, tt.out, actual)
 		}
 	}
 }
-
-func TestVendorLink(t *testing.T) {
-	type in struct {
-		family string
-		vinfo  VulnInfo
-	}
-	var tests = []struct {
-		in  in
-		out map[string]string
-	}{
-		{
-			in: in{
-				family: "redhat",
-				vinfo: VulnInfo{
-					CveID: "CVE-2017-6074",
-					CveContents: CveContents{
-						Jvn: {
-							Type:       Jvn,
-							SourceLink: "https://jvn.jp/vu/JVNVU93610402/",
-						},
-						RedHat: {
-							Type:       RedHat,
-							SourceLink: "https://access.redhat.com/security/cve/CVE-2017-6074",
-						},
-						NvdXML: {
-							Type:       NvdXML,
-							SourceLink: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
-						},
-					},
-				},
-			},
-			out: map[string]string{
-				"RHEL-CVE": "https://access.redhat.com/security/cve/CVE-2017-6074",
-			},
-		},
-		{
-			in: in{
-				family: "ubuntu",
-				vinfo: VulnInfo{
-					CveID: "CVE-2017-6074",
-					CveContents: CveContents{
-						RedHat: {
-							Type:       Ubuntu,
-							SourceLink: "https://access.redhat.com/security/cve/CVE-2017-6074",
-						},
-					},
-				},
-			},
-			out: map[string]string{
-				"Ubuntu-CVE": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-6074",
-			},
-		},
-	}
-	for _, tt := range tests {
-		actual := tt.in.vinfo.VendorLinks(tt.in.family)
-		for k := range tt.out {
-			if tt.out[k] != actual[k] {
-				t.Errorf("\nexpected: %s\n  actual: %s\n", tt.out[k], actual[k])
-			}
-		}
-	}
-}
--- a/models/library.go
+++ b/models/library.go
@@ -10,20 +10,18 @@ import (
 	"github.com/aquasecurity/trivy/pkg/types"
 	"github.com/future-architect/vuls/util"
 	"golang.org/x/xerrors"
-
 	// "github.com/aquasecurity/go-dep-parser/pkg/types"
-	"github.com/knqyf263/go-version"
 )

 // LibraryScanners is an array of LibraryScanner
 type LibraryScanners []LibraryScanner

 // Find : find by name
-func (lss LibraryScanners) Find(name string) map[string]types.Library {
+func (lss LibraryScanners) Find(path, name string) map[string]types.Library {
 	filtered := map[string]types.Library{}
 	for _, ls := range lss {
 		for _, lib := range ls.Libs {
-			if lib.Name == name {
+			if ls.Path == path && lib.Name == name {
 				filtered[ls.Path] = lib
 				break
 			}
@@ -32,6 +30,14 @@ func (lss LibraryScanners) Find(name string) map[string]types.Library {
 	return filtered
 }

+// Total returns total count of pkgs
+func (lss LibraryScanners) Total() (total int) {
+	for _, lib := range lss {
+		total += len(lib.Libs)
+	}
+	return
+}
+
 // LibraryScanner has libraries information
 type LibraryScanner struct {
 	Path string
@@ -40,20 +46,13 @@ type LibraryScanner struct {

 // Scan : scan target library
 func (s LibraryScanner) Scan() ([]VulnInfo, error) {
-	scanner := library.DriverFactory{}.NewDriver(filepath.Base(string(s.Path)))
-	if scanner == nil {
-		return nil, xerrors.New("unknown file type")
+	scanner, err := library.DriverFactory{}.NewDriver(filepath.Base(string(s.Path)))
+	if err != nil {
+		return nil, xerrors.Errorf("Failed to new a library driver: %w", err)
 	}
-
-	var vulnerabilities []VulnInfo
+	var vulnerabilities = []VulnInfo{}
 	for _, pkg := range s.Libs {
-		v, err := version.NewVersion(pkg.Version)
-		if err != nil {
-			util.Log.Debugf("new version cant detected %s@%s", pkg.Name, pkg.Version)
-			continue
-		}
-
-		tvulns, err := scanner.Detect(pkg.Name, v)
+		tvulns, err := scanner.Detect(pkg.Name, pkg.Version)
 		if err != nil {
 			return nil, xerrors.Errorf("failed to detect %s vulnerabilities: %w", scanner.Type(), err)
 		}
@@ -72,7 +71,7 @@ func (s LibraryScanner) convertFanalToVuln(tvulns []types.DetectedVulnerability)
 	for _, tvuln := range tvulns {
 		vinfo, err := s.getVulnDetail(tvuln)
 		if err != nil {
-			util.Log.Debugf("failed to getVulnDetail. err: %s, tvun: %#v", err, tvuln)
+			util.Log.Debugf("failed to getVulnDetail. err: %s, tvuln: %#v", err, tvuln)
 			continue
 		}
 		vulns = append(vulns, vinfo)
@@ -94,6 +93,7 @@ func (s LibraryScanner) getVulnDetail(tvuln types.DetectedVulnerability) (vinfo
 				Key:     s.GetLibraryKey(),
 				Name:    tvuln.PkgName,
 				FixedIn: tvuln.FixedVersion,
+				Path:    s.Path,
 			},
 		}
 	}
@@ -141,4 +141,5 @@ type LibraryFixedIn struct {
 	Key     string `json:"key,omitempty"`
 	Name    string `json:"name,omitempty"`
 	FixedIn string `json:"fixedIn,omitempty"`
+	Path    string `json:"path,omitempty"`
 }
--- a/models/library_test.go
+++ b/models/library_test.go
@@ -4,58 +4,12 @@ import (
 	"reflect"
 	"testing"

-	"github.com/aquasecurity/trivy-db/pkg/db"
-	"github.com/aquasecurity/trivy/pkg/log"
 	"github.com/aquasecurity/trivy/pkg/types"
-	"github.com/aquasecurity/trivy/pkg/utils"
 )

-func TestScan(t *testing.T) {
-	var tests = []struct {
-		path string
-		pkgs []types.Library
-	}{
-		{
-			path: "app/package-lock.json",
-			pkgs: []types.Library{
-				{
-					Name:    "jquery",
-					Version: "2.2.4",
-				},
-				{
-					Name:    "@babel/traverse",
-					Version: "7.4.4",
-				},
-			},
-		},
-	}
-
-	if err := log.InitLogger(false, false); err != nil {
-		t.Errorf("trivy logger failed")
-	}
-
-	cacheDir := utils.DefaultCacheDir()
-	if err := db.Init(cacheDir); err != nil {
-		t.Errorf("trivy db.Init failed")
-	}
-	for _, v := range tests {
-		lib := LibraryScanner{
-			Path: v.path,
-			Libs: v.pkgs,
-		}
-		actual, err := lib.Scan()
-		if err != nil {
-			t.Errorf("error occurred")
-		}
-		if len(actual) == 0 {
-			t.Errorf("no vuln found : actual: %v\n", actual)
-		}
-	}
-	db.Close()
-}
-
 func TestLibraryScanners_Find(t *testing.T) {
 	type args struct {
+		path string
 		name string
 	}
 	tests := []struct {
@@ -77,7 +31,7 @@ func TestLibraryScanners_Find(t *testing.T) {
 					},
 				},
 			},
-			args: args{"libA"},
+			args: args{"/pathA", "libA"},
 			want: map[string]types.Library{
 				"/pathA": {
 					Name:    "libA",
@@ -107,16 +61,12 @@ func TestLibraryScanners_Find(t *testing.T) {
 					},
 				},
 			},
-			args: args{"libA"},
+			args: args{"/pathA", "libA"},
 			want: map[string]types.Library{
 				"/pathA": {
 					Name:    "libA",
 					Version: "1.0.0",
 				},
-				"/pathB": {
-					Name:    "libA",
-					Version: "1.0.5",
-				},
 			},
 		},
 		{
@@ -132,13 +82,13 @@ func TestLibraryScanners_Find(t *testing.T) {
 					},
 				},
 			},
-			args: args{"libB"},
+			args: args{"/pathA", "libB"},
 			want: map[string]types.Library{},
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := tt.lss.Find(tt.args.name); !reflect.DeepEqual(got, tt.want) {
+			if got := tt.lss.Find(tt.args.path, tt.args.name); !reflect.DeepEqual(got, tt.want) {
 				t.Errorf("LibraryScanners.Find() = %v, want %v", got, tt.want)
 			}
 		})
--- a/models/packages.go
+++ b/models/packages.go
@@ -3,6 +3,7 @@ package models
 import (
 	"bytes"
 	"fmt"
+	"regexp"
 	"strings"

 	"golang.org/x/xerrors"
@@ -62,13 +63,13 @@ func (ps Packages) FindOne(f func(Package) bool) (string, Package, bool) {
 }

 // FindByFQPN search a package by Fully-Qualified-Package-Name
-func (ps Packages) FindByFQPN(nameVerRelArc string) (*Package, error) {
+func (ps Packages) FindByFQPN(nameVerRel string) (*Package, error) {
 	for _, p := range ps {
-		if nameVerRelArc == p.FQPN() {
+		if nameVerRel == p.FQPN() {
 			return &p, nil
 		}
 	}
-	return nil, xerrors.Errorf("Failed to find the package: %s", nameVerRelArc)
+	return nil, xerrors.Errorf("Failed to find the package: %s", nameVerRel)
 }

 // Package has installed binary packages.
@@ -80,7 +81,7 @@ type Package struct {
 	NewRelease       string               `json:"newRelease"`
 	Arch             string               `json:"arch"`
 	Repository       string               `json:"repository"`
-	Changelog        Changelog            `json:"changelog"`
+	Changelog        *Changelog           `json:"changelog,omitempty"`
 	AffectedProcs    []AffectedProcess    `json:",omitempty"`
 	NeedRestartProcs []NeedRestartProcess `json:",omitempty"`
 }
@@ -95,9 +96,6 @@ func (p Package) FQPN() string {
 	if p.Release != "" {
 		fqpn += fmt.Sprintf("-%s", p.Release)
 	}
-	if p.Arch != "" {
-		fqpn += fmt.Sprintf(".%s", p.Arch)
-	}
 	return fqpn
 }

@@ -173,9 +171,44 @@ type Changelog struct {

 // AffectedProcess keep a processes information affected by software update
 type AffectedProcess struct {
-	PID         string   `json:"pid,omitempty"`
-	Name        string   `json:"name,omitempty"`
-	ListenPorts []string `json:"listenPorts,omitempty"`
+	PID             string     `json:"pid,omitempty"`
+	Name            string     `json:"name,omitempty"`
+	ListenPorts     []string   `json:"listenPorts,omitempty"`
+	ListenPortStats []PortStat `json:"listenPortStats,omitempty"`
+}
+
+// PortStat has the result of parsing the port information to the address and port.
+type PortStat struct {
+	BindAddress     string   `json:"bindAddress"`
+	Port            string   `json:"port"`
+	PortReachableTo []string `json:"portReachableTo"`
+}
+
+// NewPortStat create a PortStat from ipPort str
+func NewPortStat(ipPort string) (*PortStat, error) {
+	if ipPort == "" {
+		return &PortStat{}, nil
+	}
+	sep := strings.LastIndex(ipPort, ":")
+	if sep == -1 {
+		return nil, xerrors.Errorf("Failed to parse IP:Port: %s", ipPort)
+	}
+	return &PortStat{
+		BindAddress: ipPort[:sep],
+		Port:        ipPort[sep+1:],
+	}, nil
+}
+
+// HasReachablePort checks if Package.AffectedProcs has PortReachableTo
+func (p Package) HasReachablePort() bool {
+	for _, ap := range p.AffectedProcs {
+		for _, lp := range ap.ListenPortStats {
+			if len(lp.PortReachableTo) > 0 {
+				return true
+			}
+		}
+	}
+	return false
 }

 // NeedRestartProcess keep a processes information affected by software update
@@ -227,3 +260,28 @@ func (s SrcPackages) FindByBinName(name string) (*SrcPackage, bool) {
 	}
 	return nil, false
 }
+
+// raspiPackNamePattern is a regular expression pattern to detect the Raspberry Pi specific package from the package name.
+// e.g. libraspberrypi-dev, rpi-eeprom, python3-rpi.gpio, pi-bluetooth
+var raspiPackNamePattern = regexp.MustCompile(`(.*raspberry.*|^rpi.*|.*-rpi.*|^pi-.*)`)
+
+// raspiPackNamePattern is a regular expression pattern to detect the Raspberry Pi specific package from the version.
+// e.g. ffmpeg 7:4.1.4-1+rpt7~deb10u1, vlc 3.0.10-0+deb10u1+rpt2
+var raspiPackVersionPattern = regexp.MustCompile(`.+\+rp(t|i)\d+`)
+
+// raspiPackNameList is a package name array of Raspberry Pi specific packages that are difficult to detect with regular expressions.
+var raspiPackNameList = []string{"piclone", "pipanel", "pishutdown", "piwiz", "pixflat-icons"}
+
+// IsRaspbianPackage judges whether it is a package related to Raspberry Pi from the package name and version
+func IsRaspbianPackage(name, version string) bool {
+	if raspiPackNamePattern.MatchString(name) || raspiPackVersionPattern.MatchString(version) {
+		return true
+	}
+	for _, n := range raspiPackNameList {
+		if n == name {
+			return true
+		}
+	}
+
+	return false
+}
--- a/models/packages_test.go
+++ b/models/packages_test.go
@@ -287,7 +287,7 @@ func TestPackage_FormatVersionFromTo(t *testing.T) {
 				NewRelease:       tt.fields.NewRelease,
 				Arch:             tt.fields.Arch,
 				Repository:       tt.fields.Repository,
-				Changelog:        tt.fields.Changelog,
+				Changelog:        &tt.fields.Changelog,
 				AffectedProcs:    tt.fields.AffectedProcs,
 				NeedRestartProcs: tt.fields.NeedRestartProcs,
 			}
@@ -297,3 +297,134 @@ func TestPackage_FormatVersionFromTo(t *testing.T) {
 		})
 	}
 }
+
+func Test_IsRaspbianPackage(t *testing.T) {
+	type args struct {
+		name string
+		ver  string
+	}
+	tests := []struct {
+		name   string
+		in     []args
+		expect []bool
+	}{
+		{
+			name: "nameRegExp",
+			in: []args{
+				{
+					name: "libraspberrypi-dev",
+					ver:  "1.20200811-1",
+				},
+				{
+					name: "rpi-eeprom",
+					ver:  "7.10-1",
+				},
+				{
+					name: "python3-rpi.gpio",
+					ver:  "0.7.0-0.1~bpo10+1",
+				},
+				{
+					name: "arping",
+					ver:  "2.19-6",
+				},
+				{
+					name: "pi-bluetooth",
+					ver:  "0.1.14",
+				},
+			},
+			expect: []bool{true, true, true, false, true, false},
+		},
+		{
+			name: "verRegExp",
+			in: []args{
+				{
+					name: "ffmpeg",
+					ver:  "7:4.1.6-1~deb10u1+rpt1",
+				},
+				{
+					name: "gcc",
+					ver:  "4:8.3.0-1+rpi2",
+				},
+			},
+			expect: []bool{true, true},
+		},
+		{
+			name: "nameList",
+			in: []args{
+				{
+					name: "piclone",
+					ver:  "0.16",
+				},
+			},
+			expect: []bool{true},
+		},
+		{
+			name: "debianPackage",
+			in: []args{
+				{
+					name: "apt",
+					ver:  "1.8.2.1",
+				},
+			},
+			expect: []bool{false},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			for i, p := range tt.in {
+				ret := IsRaspbianPackage(p.name, p.ver)
+				if !reflect.DeepEqual(ret, tt.expect[i]) {
+					t.Errorf("[%s->%s] expected: %t, actual: %t, in: %#v", tt.name, tt.in[i].name, tt.expect[i], ret, tt.in[i])
+				}
+			}
+		})
+	}
+}
+
+func Test_parseListenPorts(t *testing.T) {
+	tests := []struct {
+		name   string
+		args   string
+		expect PortStat
+	}{{
+		name: "empty",
+		args: "",
+		expect: PortStat{
+			BindAddress: "",
+			Port:        "",
+		},
+	}, {
+		name: "normal",
+		args: "127.0.0.1:22",
+		expect: PortStat{
+			BindAddress: "127.0.0.1",
+			Port:        "22",
+		},
+	}, {
+		name: "asterisk",
+		args: "*:22",
+		expect: PortStat{
+			BindAddress: "*",
+			Port:        "22",
+		},
+	}, {
+		name: "ipv6_loopback",
+		args: "[::1]:22",
+		expect: PortStat{
+			BindAddress: "[::1]",
+			Port:        "22",
+		},
+	}}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			listenPort, err := NewPortStat(tt.args)
+			if err != nil {
+				t.Errorf("unexpected error occurred: %s", err)
+			} else if !reflect.DeepEqual(*listenPort, tt.expect) {
+				t.Errorf("base.parseListenPorts() = %v, want %v", *listenPort, tt.expect)
+			}
+		})
+	}
+}
--- a/models/scanresults.go
+++ b/models/scanresults.go
@@ -3,6 +3,7 @@ package models
 import (
 	"bytes"
 	"fmt"
+	"reflect"
 	"regexp"
 	"strings"
 	"time"
@@ -47,7 +48,8 @@ type ScanResult struct {
 	RunningKernel     Kernel                 `json:"runningKernel"`
 	Packages          Packages               `json:"packages"`
 	SrcPackages       SrcPackages            `json:",omitempty"`
-	WordPressPackages *WordPressPackages     `json:",omitempty"`
+	EnabledDnfModules []string               `json:"enabledDnfModules,omitempty"` // for dnf modules
+	WordPressPackages WordPressPackages      `json:",omitempty"`
 	LibraryScanners   LibraryScanners        `json:"libraries,omitempty"`
 	CweDict           CweDict                `json:"cweDict,omitempty"`
 	Optional          map[string]interface{} `json:",omitempty"`
@@ -126,13 +128,7 @@ type Kernel struct {
 // FilterByCvssOver is filter function.
 func (r ScanResult) FilterByCvssOver(over float64) ScanResult {
 	filtered := r.ScannedCves.Find(func(v VulnInfo) bool {
-		v2Max := v.MaxCvss2Score()
-		v3Max := v.MaxCvss3Score()
-		max := v2Max.Value.Score
-		if max < v3Max.Value.Score {
-			max = v3Max.Value.Score
-		}
-		if over <= max {
+		if over <= v.MaxCvssScore().Value.Score {
 			return true
 		}
 		return false
@@ -143,11 +139,12 @@ func (r ScanResult) FilterByCvssOver(over float64) ScanResult {

 // FilterIgnoreCves is filter function.
 func (r ScanResult) FilterIgnoreCves() ScanResult {
-
 	ignoreCves := []string{}
 	if len(r.Container.Name) == 0 {
+		//TODO pass by args
 		ignoreCves = config.Conf.Servers[r.ServerName].IgnoreCves
 	} else {
+		//TODO pass by args
 		if s, ok := config.Conf.Servers[r.ServerName]; ok {
 			if con, ok := s.Containers[r.Container.Name]; ok {
 				ignoreCves = con.IgnoreCves
@@ -174,8 +171,8 @@ func (r ScanResult) FilterIgnoreCves() ScanResult {
 }

 // FilterUnfixed is filter function.
-func (r ScanResult) FilterUnfixed() ScanResult {
-	if !config.Conf.IgnoreUnfixed {
+func (r ScanResult) FilterUnfixed(ignoreUnfixed bool) ScanResult {
+	if !ignoreUnfixed {
 		return r
 	}
 	filtered := r.ScannedCves.Find(func(v VulnInfo) bool {
@@ -195,8 +192,9 @@ func (r ScanResult) FilterUnfixed() ScanResult {

 // FilterIgnorePkgs is filter function.
 func (r ScanResult) FilterIgnorePkgs() ScanResult {
-	ignorePkgsRegexps := []string{}
+	var ignorePkgsRegexps []string
 	if len(r.Container.Name) == 0 {
+		//TODO pass by args
 		ignorePkgsRegexps = config.Conf.Servers[r.ServerName].IgnorePkgsRegexp
 	} else {
 		if s, ok := config.Conf.Servers[r.ServerName]; ok {
@@ -216,7 +214,7 @@ func (r ScanResult) FilterIgnorePkgs() ScanResult {
 	for _, pkgRegexp := range ignorePkgsRegexps {
 		re, err := regexp.Compile(pkgRegexp)
 		if err != nil {
-			util.Log.Errorf("Faild to parse %s. err: %+v", pkgRegexp, err)
+			util.Log.Errorf("Failed to parse %s. err: %+v", pkgRegexp, err)
 			continue
 		} else {
 			regexps = append(regexps, re)
@@ -249,8 +247,8 @@ func (r ScanResult) FilterIgnorePkgs() ScanResult {
 }

 // FilterInactiveWordPressLibs is filter function.
-func (r ScanResult) FilterInactiveWordPressLibs() ScanResult {
-	if !config.Conf.Servers[r.ServerName].WordPress.IgnoreInactive {
+func (r ScanResult) FilterInactiveWordPressLibs(detectInactive bool) ScanResult {
+	if detectInactive {
 		return r
 	}

@@ -339,22 +337,30 @@ func (r ScanResult) FormatServerName() (name string) {
 	return
 }

-// FormatTextReportHeadedr returns header of text report
-func (r ScanResult) FormatTextReportHeadedr() string {
+// FormatTextReportHeader returns header of text report
+func (r ScanResult) FormatTextReportHeader() string {
 	var buf bytes.Buffer
 	for i := 0; i < len(r.ServerInfo()); i++ {
 		buf.WriteString("=")
 	}

-	return fmt.Sprintf("%s\n%s\n%s, %s, %s, %s, %s\n",
+	pkgs := r.FormatUpdatablePacksSummary()
+	if 0 < len(r.WordPressPackages) {
+		pkgs = fmt.Sprintf("%s, %d WordPress pkgs", pkgs, len(r.WordPressPackages))
+	}
+	if 0 < len(r.LibraryScanners) {
+		pkgs = fmt.Sprintf("%s, %d libs", pkgs, r.LibraryScanners.Total())
+	}
+
+	return fmt.Sprintf("%s\n%s\n%s\n%s, %s, %s, %s\n%s\n",
 		r.ServerInfo(),
 		buf.String(),
 		r.ScannedCves.FormatCveSummary(),
 		r.ScannedCves.FormatFixedStatus(r.Packages),
-		r.FormatUpdatablePacksSummary(),
 		r.FormatExploitCveSummary(),
+		r.FormatMetasploitCveSummary(),
 		r.FormatAlertSummary(),
-	)
+		pkgs)
 }

 // FormatUpdatablePacksSummary returns a summary of updatable packages
@@ -385,10 +391,21 @@ func (r ScanResult) FormatExploitCveSummary() string {
 			nExploitCve++
 		}
 	}
-	return fmt.Sprintf("%d exploits", nExploitCve)
+	return fmt.Sprintf("%d poc", nExploitCve)
 }

-// FormatAlertSummary returns a summary of XCERT alerts
+// FormatMetasploitCveSummary returns a summary of exploit cve
+func (r ScanResult) FormatMetasploitCveSummary() string {
+	nMetasploitCve := 0
+	for _, vuln := range r.ScannedCves {
+		if 0 < len(vuln.Metasploits) {
+			nMetasploitCve++
+		}
+	}
+	return fmt.Sprintf("%d exploits", nMetasploitCve)
+}
+
+// FormatAlertSummary returns a summary of CERT alerts
 func (r ScanResult) FormatAlertSummary() string {
 	jaCnt := 0
 	enCnt := 0
@@ -404,7 +421,12 @@ func (r ScanResult) FormatAlertSummary() string {
 }

 func (r ScanResult) isDisplayUpdatableNum() bool {
+	if r.Family == config.FreeBSD {
+		return false
+	}
+
 	var mode config.ScanMode
+	//TODO pass by args
 	s, _ := config.Conf.Servers[r.ServerName]
 	mode = s.Mode

@@ -437,10 +459,8 @@ func (r ScanResult) IsContainer() bool {
 // IsDeepScanMode checks if the scan mode is deep scan mode.
 func (r ScanResult) IsDeepScanMode() bool {
 	for _, s := range r.Config.Scan.Servers {
-		for _, m := range s.ScanMode {
-			if m == "deep" {
-				return true
-			}
+		if ok := s.Mode.IsDeep(); ok {
+			return true
 		}
 	}
 	return false
@@ -460,3 +480,51 @@ type Platform struct {
 	Name       string `json:"name"` // aws or azure or gcp or other...
 	InstanceID string `json:"instanceID"`
 }
+
+// RemoveRaspbianPackFromResult is for Raspberry Pi and removes the Raspberry Pi dedicated package from ScanResult.
+func (r ScanResult) RemoveRaspbianPackFromResult() ScanResult {
+	if r.Family != config.Raspbian {
+		return r
+	}
+
+	result := r
+	packs := make(Packages)
+	for _, pack := range r.Packages {
+		if !IsRaspbianPackage(pack.Name, pack.Version) {
+			packs[pack.Name] = pack
+		}
+	}
+	srcPacks := make(SrcPackages)
+	for _, pack := range r.SrcPackages {
+		if !IsRaspbianPackage(pack.Name, pack.Version) {
+			srcPacks[pack.Name] = pack
+
+		}
+	}
+
+	result.Packages = packs
+	result.SrcPackages = srcPacks
+
+	return result
+}
+
+// ClearFields clears a given fields of ScanResult
+func (r ScanResult) ClearFields(targetTagNames []string) ScanResult {
+	if len(targetTagNames) == 0 {
+		return r
+	}
+	target := map[string]bool{}
+	for _, n := range targetTagNames {
+		target[strings.ToLower(n)] = true
+	}
+	t := reflect.ValueOf(r).Type()
+	for i := 0; i < t.NumField(); i++ {
+		f := t.Field(i)
+		jsonValue := strings.Split(f.Tag.Get("json"), ",")[0]
+		if ok := target[strings.ToLower(jsonValue)]; ok {
+			vv := reflect.New(f.Type).Elem().Interface()
+			reflect.ValueOf(&r).Elem().FieldByName(f.Name).Set(reflect.ValueOf(vv))
+		}
+	}
+	return r
+}
--- a/models/scanresults_test.go
+++ b/models/scanresults_test.go
@@ -18,6 +18,7 @@ func TestFilterByCvssOver(t *testing.T) {
 		in  in
 		out ScanResult
 	}{
+		//0
 		{
 			in: in{
 				over: 7.0,
@@ -27,7 +28,7 @@ func TestFilterByCvssOver(t *testing.T) {
 							CveID: "CVE-2017-0001",
 							CveContents: NewCveContents(
 								CveContent{
-									Type:         NvdXML,
+									Type:         Nvd,
 									CveID:        "CVE-2017-0001",
 									Cvss2Score:   7.1,
 									LastModified: time.Time{},
@@ -38,7 +39,7 @@ func TestFilterByCvssOver(t *testing.T) {
 							CveID: "CVE-2017-0002",
 							CveContents: NewCveContents(
 								CveContent{
-									Type:         NvdXML,
+									Type:         Nvd,
 									CveID:        "CVE-2017-0002",
 									Cvss2Score:   6.9,
 									LastModified: time.Time{},
@@ -49,7 +50,7 @@ func TestFilterByCvssOver(t *testing.T) {
 							CveID: "CVE-2017-0003",
 							CveContents: NewCveContents(
 								CveContent{
-									Type:         NvdXML,
+									Type:         Nvd,
 									CveID:        "CVE-2017-0003",
 									Cvss2Score:   6.9,
 									LastModified: time.Time{},
@@ -71,7 +72,7 @@ func TestFilterByCvssOver(t *testing.T) {
 						CveID: "CVE-2017-0001",
 						CveContents: NewCveContents(
 							CveContent{
-								Type:         NvdXML,
+								Type:         Nvd,
 								CveID:        "CVE-2017-0001",
 								Cvss2Score:   7.1,
 								LastModified: time.Time{},
@@ -82,7 +83,7 @@ func TestFilterByCvssOver(t *testing.T) {
 						CveID: "CVE-2017-0003",
 						CveContents: NewCveContents(
 							CveContent{
-								Type:         NvdXML,
+								Type:         Nvd,
 								CveID:        "CVE-2017-0003",
 								Cvss2Score:   6.9,
 								LastModified: time.Time{},
@@ -98,7 +99,7 @@ func TestFilterByCvssOver(t *testing.T) {
 				},
 			},
 		},
-		// OVAL Severity
+		//1 OVAL Severity
 		{
 			in: in{
 				over: 7.0,
@@ -110,7 +111,7 @@ func TestFilterByCvssOver(t *testing.T) {
 								CveContent{
 									Type:          Ubuntu,
 									CveID:         "CVE-2017-0001",
-									Cvss2Severity: "HIGH",
+									Cvss3Severity: "HIGH",
 									LastModified:  time.Time{},
 								},
 							),
@@ -119,9 +120,9 @@ func TestFilterByCvssOver(t *testing.T) {
 							CveID: "CVE-2017-0002",
 							CveContents: NewCveContents(
 								CveContent{
-									Type:          RedHat,
+									Type:          Debian,
 									CveID:         "CVE-2017-0002",
-									Cvss2Severity: "CRITICAL",
+									Cvss3Severity: "CRITICAL",
 									LastModified:  time.Time{},
 								},
 							),
@@ -130,9 +131,9 @@ func TestFilterByCvssOver(t *testing.T) {
 							CveID: "CVE-2017-0003",
 							CveContents: NewCveContents(
 								CveContent{
-									Type:          Oracle,
+									Type:          GitHub,
 									CveID:         "CVE-2017-0003",
-									Cvss2Severity: "IMPORTANT",
+									Cvss3Severity: "IMPORTANT",
 									LastModified:  time.Time{},
 								},
 							),
@@ -148,7 +149,7 @@ func TestFilterByCvssOver(t *testing.T) {
 							CveContent{
 								Type:          Ubuntu,
 								CveID:         "CVE-2017-0001",
-								Cvss2Severity: "HIGH",
+								Cvss3Severity: "HIGH",
 								LastModified:  time.Time{},
 							},
 						),
@@ -157,9 +158,9 @@ func TestFilterByCvssOver(t *testing.T) {
 						CveID: "CVE-2017-0002",
 						CveContents: NewCveContents(
 							CveContent{
-								Type:          RedHat,
+								Type:          Debian,
 								CveID:         "CVE-2017-0002",
-								Cvss2Severity: "CRITICAL",
+								Cvss3Severity: "CRITICAL",
 								LastModified:  time.Time{},
 							},
 						),
@@ -168,9 +169,9 @@ func TestFilterByCvssOver(t *testing.T) {
 						CveID: "CVE-2017-0003",
 						CveContents: NewCveContents(
 							CveContent{
-								Type:          Oracle,
+								Type:          GitHub,
 								CveID:         "CVE-2017-0003",
-								Cvss2Severity: "IMPORTANT",
+								Cvss3Severity: "IMPORTANT",
 								LastModified:  time.Time{},
 							},
 						),
@@ -179,13 +180,14 @@ func TestFilterByCvssOver(t *testing.T) {
 			},
 		},
 	}
-	for _, tt := range tests {
+	pp.ColoringEnabled = false
+	for i, tt := range tests {
 		actual := tt.in.rs.FilterByCvssOver(tt.in.over)
 		for k := range tt.out.ScannedCves {
 			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
 				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
 				a := pp.Sprintf("%v", actual.ScannedCves[k])
-				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+				t.Errorf("[%d: %s] expected: %v\n  actual: %v\n", i, k, o, a)
 			}
 		}
 	}
@@ -392,8 +394,7 @@ func TestFilterUnfixed(t *testing.T) {
 		},
 	}
 	for i, tt := range tests {
-		config.Conf.IgnoreUnfixed = true
-		actual := tt.in.FilterUnfixed()
+		actual := tt.in.FilterUnfixed(true)
 		if !reflect.DeepEqual(tt.out.ScannedCves, actual.ScannedCves) {
 			o := pp.Sprintf("%v", tt.out.ScannedCves)
 			a := pp.Sprintf("%v", actual.ScannedCves)
@@ -688,7 +689,7 @@ func TestIsDisplayUpdatableNum(t *testing.T) {
 		{
 			mode:     []byte{config.Fast},
 			family:   config.FreeBSD,
-			expected: true,
+			expected: false,
 		},
 		{
 			mode:     []byte{config.Fast},
--- a/models/utils.go
+++ b/models/utils.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package models

 import (
@@ -6,60 +8,18 @@ import (
 	cvedict "github.com/kotakanbe/go-cve-dictionary/models"
 )

-// ConvertNvdXMLToModel convert NVD to CveContent
-func ConvertNvdXMLToModel(cveID string, nvd *cvedict.NvdXML) *CveContent {
-	if nvd == nil {
-		return nil
-	}
-	var cpes []Cpe
-	for _, c := range nvd.Cpes {
-		cpes = append(cpes, Cpe{
-			FormattedString: c.FormattedString,
-			URI:             c.URI,
-		})
-	}
-
-	var refs []Reference
-	for _, r := range nvd.References {
-		refs = append(refs, Reference{
-			Link:   r.Link,
-			Source: r.Source,
-		})
-	}
-
-	cweIDs := []string{}
-	for _, cid := range nvd.Cwes {
-		cweIDs = append(cweIDs, cid.CweID)
-	}
-
-	return &CveContent{
-		Type:          Nvd,
-		CveID:         cveID,
-		Summary:       nvd.Summary,
-		Cvss2Score:    nvd.Cvss2.BaseScore,
-		Cvss2Vector:   nvd.Cvss2.VectorString,
-		Cvss2Severity: nvd.Cvss2.Severity,
-		SourceLink:    "https://nvd.nist.gov/vuln/detail/" + cveID,
-		// Cpes:          cpes,
-		CweIDs:       cweIDs,
-		References:   refs,
-		Published:    nvd.PublishedDate,
-		LastModified: nvd.LastModifiedDate,
-	}
-}
-
 // ConvertJvnToModel convert JVN to CveContent
 func ConvertJvnToModel(cveID string, jvn *cvedict.Jvn) *CveContent {
 	if jvn == nil {
 		return nil
 	}
-	var cpes []Cpe
-	for _, c := range jvn.Cpes {
-		cpes = append(cpes, Cpe{
-			FormattedString: c.FormattedString,
-			URI:             c.URI,
-		})
-	}
+	// var cpes = []Cpe{}
+	// for _, c := range jvn.Cpes {
+	// 	cpes = append(cpes, Cpe{
+	// 		FormattedString: c.FormattedString,
+	// 		URI:             c.URI,
+	// 	})
+	// }

 	refs := []Reference{}
 	for _, r := range jvn.References {
@@ -89,24 +49,45 @@ func ConvertJvnToModel(cveID string, jvn *cvedict.Jvn) *CveContent {
 }

 // ConvertNvdJSONToModel convert NVD to CveContent
-func ConvertNvdJSONToModel(cveID string, nvd *cvedict.NvdJSON) *CveContent {
+func ConvertNvdJSONToModel(cveID string, nvd *cvedict.NvdJSON) (*CveContent, []Exploit, []Mitigation) {
 	if nvd == nil {
-		return nil
-	}
-	var cpes []Cpe
-	for _, c := range nvd.Cpes {
-		cpes = append(cpes, Cpe{
-			FormattedString: c.FormattedString,
-			URI:             c.URI,
-		})
+		return nil, nil, nil
 	}
+	// var cpes = []Cpe{}
+	// for _, c := range nvd.Cpes {
+	// 	cpes = append(cpes, Cpe{
+	// 		FormattedString: c.FormattedString,
+	// 		URI:             c.URI,
+	// 	})
+	// }

-	var refs []Reference
+	refs := []Reference{}
+	exploits := []Exploit{}
+	mitigations := []Mitigation{}
 	for _, r := range nvd.References {
+		var tags []string
+		if 0 < len(r.Tags) {
+			tags = strings.Split(r.Tags, ",")
+		}
 		refs = append(refs, Reference{
 			Link:   r.Link,
 			Source: r.Source,
+			Tags:   tags,
 		})
+		if strings.Contains(r.Tags, "Exploit") {
+			exploits = append(exploits, Exploit{
+				//TODO Add const to here
+				// https://github.com/vulsio/go-exploitdb/blob/master/models/exploit.go#L13-L18
+				ExploitType: "nvd",
+				URL:         r.Link,
+			})
+		}
+		if strings.Contains(r.Tags, "Mitigation") {
+			mitigations = append(mitigations, Mitigation{
+				CveContentType: Nvd,
+				URL:            r.Link,
+			})
+		}
 	}

 	cweIDs := []string{}
@@ -135,5 +116,5 @@ func ConvertNvdJSONToModel(cveID string, nvd *cvedict.NvdJSON) *CveContent {
 		References:   refs,
 		Published:    nvd.PublishedDate,
 		LastModified: nvd.LastModifiedDate,
-	}
+	}, exploits, mitigations
 }
--- a/models/vulninfos.go
+++ b/models/vulninfos.go
@@ -8,7 +8,7 @@ import (
 	"time"

 	"github.com/future-architect/vuls/config"
-	exploitmodels "github.com/mozqnet/go-exploitdb/models"
+	exploitmodels "github.com/vulsio/go-exploitdb/models"
 )

 // VulnInfos has a map of VulnInfo
@@ -57,11 +57,13 @@ func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo) {
 func (v VulnInfos) CountGroupBySeverity() map[string]int {
 	m := map[string]int{}
 	for _, vInfo := range v {
-		score := vInfo.MaxCvss2Score().Value.Score
+		score := vInfo.MaxCvss3Score().Value.Score
 		if score < 0.1 {
-			score = vInfo.MaxCvss3Score().Value.Score
+			score = vInfo.MaxCvss2Score().Value.Score
 		}
 		switch {
+		case 9 <= score:
+			m["Critical"]++
 		case 7.0 <= score:
 			m["High"]++
 		case 4.0 <= score:
@@ -76,16 +78,22 @@ func (v VulnInfos) CountGroupBySeverity() map[string]int {
 }

 // FormatCveSummary summarize the number of CVEs group by CVSSv2 Severity
-func (v VulnInfos) FormatCveSummary() string {
+func (v VulnInfos) FormatCveSummary() (line string) {
 	m := v.CountGroupBySeverity()
-
 	if config.Conf.IgnoreUnscoredCves {
-		return fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d)",
-			m["High"]+m["Medium"]+m["Low"], m["High"], m["Medium"], m["Low"])
+		line = fmt.Sprintf("Total: %d (Critical:%d High:%d Medium:%d Low:%d)",
+			m["High"]+m["Medium"]+m["Low"], m["Critical"], m["High"], m["Medium"], m["Low"])
+	} else {
+		line = fmt.Sprintf("Total: %d (Critical:%d High:%d Medium:%d Low:%d ?:%d)",
+			m["High"]+m["Medium"]+m["Low"]+m["Unknown"],
+			m["Critical"], m["High"], m["Medium"], m["Low"], m["Unknown"])
 	}
-	return fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d ?:%d)",
-		m["High"]+m["Medium"]+m["Low"]+m["Unknown"],
-		m["High"], m["Medium"], m["Low"], m["Unknown"])
+
+	if config.Conf.DiffMinus || config.Conf.DiffPlus {
+		nPlus, nMinus := v.CountDiff()
+		line = fmt.Sprintf("%s +%d -%d", line, nPlus, nMinus)
+	}
+	return line
 }

 // FormatFixedStatus summarize the number of cves are fixed.
@@ -103,6 +111,18 @@ func (v VulnInfos) FormatFixedStatus(packs Packages) string {
 	return fmt.Sprintf("%d/%d Fixed", fixed, total)
 }

+// CountDiff counts the number of added/removed CVE-ID
+func (v VulnInfos) CountDiff() (nPlus int, nMinus int) {
+	for _, vInfo := range v {
+		if vInfo.DiffStatus == DiffPlus {
+			nPlus++
+		} else if vInfo.DiffStatus == DiffMinus {
+			nMinus++
+		}
+	}
+	return
+}
+
 // PackageFixStatuses is a list of PackageStatus
 type PackageFixStatuses []PackageFixStatus

@@ -134,7 +154,7 @@ func (ps PackageFixStatuses) Sort() {
 	return
 }

-// PackageFixStatus has name and other status abount the package
+// PackageFixStatus has name and other status about the package
 type PackageFixStatus struct {
 	Name        string `json:"name,omitempty"`
 	NotFixedYet bool   `json:"notFixedYet,omitempty"`
@@ -147,19 +167,21 @@ type VulnInfo struct {
 	CveID                string               `json:"cveID,omitempty"`
 	Confidences          Confidences          `json:"confidences,omitempty"`
 	AffectedPackages     PackageFixStatuses   `json:"affectedPackages,omitempty"`
-	DistroAdvisories     DistroAdvisories     `json:"distroAdvisories,omitempty"` // for Aamazon, RHEL, FreeBSD
+	DistroAdvisories     DistroAdvisories     `json:"distroAdvisories,omitempty"` // for Amazon, RHEL, FreeBSD
 	CveContents          CveContents          `json:"cveContents,omitempty"`
 	Exploits             []Exploit            `json:"exploits,omitempty"`
+	Metasploits          []Metasploit         `json:"metasploits,omitempty"`
+	Mitigations          []Mitigation         `json:"mitigations,omitempty"`
 	AlertDict            AlertDict            `json:"alertDict,omitempty"`
 	CpeURIs              []string             `json:"cpeURIs,omitempty"` // CpeURIs related to this CVE defined in config.toml
 	GitHubSecurityAlerts GitHubSecurityAlerts `json:"gitHubSecurityAlerts,omitempty"`
 	WpPackageFixStats    WpPackageFixStats    `json:"wpPackageFixStats,omitempty"`
 	LibraryFixedIns      LibraryFixedIns      `json:"libraryFixedIns,omitempty"`
-
-	VulnType string `json:"vulnType,omitempty"`
+	VulnType             string               `json:"vulnType,omitempty"`
+	DiffStatus           DiffStatus           `json:"diffStatus,omitempty"`
 }

-// Alert has XCERT alert information
+// Alert has CERT alert information
 type Alert struct {
 	URL   string `json:"url,omitempty"`
 	Title string `json:"title,omitempty"`
@@ -232,24 +254,47 @@ func (g WpPackages) Add(pkg WpPackage) WpPackages {
 	return append(g, pkg)
 }

-// Titles returns tilte (TUI)
+// DiffStatus keeps a comparison with the previous detection results for this CVE
+type DiffStatus string
+
+const (
+	// DiffPlus is newly detected CVE
+	DiffPlus = DiffStatus("+")
+
+	// DiffMinus is resolved CVE
+	DiffMinus = DiffStatus("-")
+)
+
+// CveIDDiffFormat format CVE-ID for diff mode
+func (v VulnInfo) CveIDDiffFormat(isDiffMode bool) string {
+	if isDiffMode {
+		return fmt.Sprintf("%s %s", v.DiffStatus, v.CveID)
+	}
+	return fmt.Sprintf("%s", v.CveID)
+}
+
+// Titles returns title (TUI)
 func (v VulnInfo) Titles(lang, myFamily string) (values []CveContentStr) {
 	if lang == "ja" {
-		if cont, found := v.CveContents[Jvn]; found && 0 < len(cont.Title) {
+		if cont, found := v.CveContents[Jvn]; found && cont.Title != "" {
 			values = append(values, CveContentStr{Jvn, cont.Title})
 		}
 	}

 	// RedHat API has one line title.
-	if cont, found := v.CveContents[RedHatAPI]; found && 0 < len(cont.Title) {
+	if cont, found := v.CveContents[RedHatAPI]; found && cont.Title != "" {
 		values = append(values, CveContentStr{RedHatAPI, cont.Title})
 	}

-	order := CveContentTypes{Trivy, Nvd, NvdXML, NewCveContentType(myFamily)}
+	// GitHub security alerts has a title.
+	if cont, found := v.CveContents[GitHub]; found && cont.Title != "" {
+		values = append(values, CveContentStr{GitHub, cont.Title})
+	}
+
+	order := CveContentTypes{Trivy, Nvd, NewCveContentType(myFamily)}
 	order = append(order, AllCveContetTypes.Except(append(order, Jvn)...)...)
 	for _, ctype := range order {
-		// Only JVN has meaningful title. so return first 100 char of summary
-		if cont, found := v.CveContents[ctype]; found && 0 < len(cont.Summary) {
+		if cont, found := v.CveContents[ctype]; found && cont.Summary != "" {
 			summary := strings.Replace(cont.Summary, "\n", " ", -1)
 			values = append(values, CveContentStr{
 				Type:  ctype,
@@ -277,7 +322,7 @@ func (v VulnInfo) Titles(lang, myFamily string) (values []CveContentStr) {
 // Summaries returns summaries
 func (v VulnInfo) Summaries(lang, myFamily string) (values []CveContentStr) {
 	if lang == "ja" {
-		if cont, found := v.CveContents[Jvn]; found && 0 < len(cont.Summary) {
+		if cont, found := v.CveContents[Jvn]; found && cont.Summary != "" {
 			summary := cont.Title
 			summary += "\n" + strings.Replace(
 				strings.Replace(cont.Summary, "\n", " ", -1), "\r", " ", -1)
@@ -285,10 +330,10 @@ func (v VulnInfo) Summaries(lang, myFamily string) (values []CveContentStr) {
 		}
 	}

-	order := CveContentTypes{Trivy, NewCveContentType(myFamily), Nvd, NvdXML}
+	order := CveContentTypes{Trivy, NewCveContentType(myFamily), Nvd, GitHub}
 	order = append(order, AllCveContetTypes.Except(append(order, Jvn)...)...)
 	for _, ctype := range order {
-		if cont, found := v.CveContents[ctype]; found && 0 < len(cont.Summary) {
+		if cont, found := v.CveContents[ctype]; found && cont.Summary != "" {
 			summary := strings.Replace(cont.Summary, "\n", " ", -1)
 			values = append(values, CveContentStr{
 				Type:  ctype,
@@ -304,9 +349,9 @@ func (v VulnInfo) Summaries(lang, myFamily string) (values []CveContentStr) {
 		})
 	}

-	if v, ok := v.CveContents[WPVulnDB]; ok {
+	if v, ok := v.CveContents[WpScan]; ok {
 		values = append(values, CveContentStr{
-			Type:  "WPVDB",
+			Type:  WpScan,
 			Value: v.Title,
 		})
 	}
@@ -321,36 +366,12 @@ func (v VulnInfo) Summaries(lang, myFamily string) (values []CveContentStr) {
 	return
 }

-// Mitigations returns mitigations
-func (v VulnInfo) Mitigations(myFamily string) (values []CveContentStr) {
-	order := CveContentTypes{RedHatAPI}
-	for _, ctype := range order {
-		if cont, found := v.CveContents[ctype]; found && 0 < len(cont.Mitigation) {
-			values = append(values, CveContentStr{
-				Type:  ctype,
-				Value: cont.Mitigation,
-			})
-		}
-	}
-
-	if len(values) == 0 {
-		return []CveContentStr{{
-			Type:  Unknown,
-			Value: "-",
-		}}
-	}
-	return
-}
-
 // Cvss2Scores returns CVSS V2 Scores
-func (v VulnInfo) Cvss2Scores(myFamily string) (values []CveContentCvss) {
-	order := []CveContentType{Nvd, NvdXML, RedHatAPI, RedHat, Jvn}
-	if myFamily != config.RedHat && myFamily != config.CentOS {
-		order = append(order, NewCveContentType(myFamily))
-	}
+func (v VulnInfo) Cvss2Scores() (values []CveContentCvss) {
+	order := []CveContentType{RedHatAPI, RedHat, Nvd, Jvn}
 	for _, ctype := range order {
 		if cont, found := v.CveContents[ctype]; found {
-			if cont.Cvss2Score == 0 || cont.Cvss2Severity == "" {
+			if cont.Cvss2Score == 0 && cont.Cvss2Severity == "" {
 				continue
 			}
 			// https://nvd.nist.gov/vuln-metrics/cvss
@@ -365,52 +386,17 @@ func (v VulnInfo) Cvss2Scores(myFamily string) (values []CveContentCvss) {
 			})
 		}
 	}
-
-	for _, adv := range v.DistroAdvisories {
-		if adv.Severity != "" {
-			values = append(values, CveContentCvss{
-				Type: "Advisory",
-				Value: Cvss{
-					Type:                 CVSS2,
-					Score:                severityToV2ScoreRoughly(adv.Severity),
-					CalculatedBySeverity: true,
-					Vector:               "-",
-					Severity:             strings.ToUpper(adv.Severity),
-				},
-			})
-		}
-	}
-
-	// An OVAL entry in Ubuntu and Debian has only severity (CVSS score isn't included).
-	// Show severity and dummy score calculated roughly.
-	order = append(order, AllCveContetTypes.Except(order...)...)
-	for _, ctype := range order {
-		if cont, found := v.CveContents[ctype]; found &&
-			cont.Cvss2Score == 0 &&
-			cont.Cvss3Score == 0 &&
-			cont.Cvss2Severity != "" {
-
-			values = append(values, CveContentCvss{
-				Type: cont.Type,
-				Value: Cvss{
-					Type:                 CVSS2,
-					Score:                severityToV2ScoreRoughly(cont.Cvss2Severity),
-					CalculatedBySeverity: true,
-					Vector:               "-",
-					Severity:             strings.ToUpper(cont.Cvss2Severity),
-				},
-			})
-		}
-	}
-
 	return
 }

 // Cvss3Scores returns CVSS V3 Score
 func (v VulnInfo) Cvss3Scores() (values []CveContentCvss) {
-	order := []CveContentType{Nvd, RedHatAPI, RedHat, Jvn}
+	order := []CveContentType{RedHatAPI, RedHat, Nvd, Jvn}
 	for _, ctype := range order {
 		if cont, found := v.CveContents[ctype]; found {
+			if cont.Cvss3Score == 0 && cont.Cvss3Severity == "" {
+				continue
+			}
 			// https://nvd.nist.gov/vuln-metrics/cvss
 			values = append(values, CveContentCvss{
 				Type: ctype,
@@ -424,131 +410,74 @@ func (v VulnInfo) Cvss3Scores() (values []CveContentCvss) {
 		}
 	}

-	if cont, found := v.CveContents[Trivy]; found && cont.Cvss3Severity != "" {
-		values = append(values, CveContentCvss{
-			Type: Trivy,
-			Value: Cvss{
-				Type:     CVSS3,
-				Score:    severityToV2ScoreRoughly(cont.Cvss3Severity),
-				Severity: strings.ToUpper(cont.Cvss3Severity),
-			},
-		})
-	}
-
-	return
-}
-
-// MaxCvss3Score returns Max CVSS V3 Score
-func (v VulnInfo) MaxCvss3Score() CveContentCvss {
-	order := []CveContentType{Nvd, RedHat, RedHatAPI, Jvn}
-	max := 0.0
-	value := CveContentCvss{
-		Type:  Unknown,
-		Value: Cvss{Type: CVSS3},
-	}
-	for _, ctype := range order {
-		if cont, found := v.CveContents[ctype]; found && max < cont.Cvss3Score {
-			// https://nvd.nist.gov/vuln-metrics/cvss
-			value = CveContentCvss{
+	for _, ctype := range []CveContentType{Debian, DebianSecurityTracker, Ubuntu, Amazon, Trivy, GitHub, WpScan} {
+		if cont, found := v.CveContents[ctype]; found && cont.Cvss3Severity != "" {
+			values = append(values, CveContentCvss{
 				Type: ctype,
 				Value: Cvss{
-					Type:     CVSS3,
-					Score:    cont.Cvss3Score,
-					Vector:   cont.Cvss3Vector,
-					Severity: strings.ToUpper(cont.Cvss3Severity),
+					Type:                 CVSS3,
+					Score:                severityToCvssScoreRoughly(cont.Cvss3Severity),
+					CalculatedBySeverity: true,
+					Severity:             strings.ToUpper(cont.Cvss3Severity),
 				},
-			}
-			max = cont.Cvss3Score
+			})
 		}
 	}
-	return value
+
+	// Memo: Only RedHat, Oracle and Amazon has severity data in advisory.
+	for _, adv := range v.DistroAdvisories {
+		if adv.Severity != "" {
+			score := severityToCvssScoreRoughly(adv.Severity)
+			values = append(values, CveContentCvss{
+				Type: "Vendor",
+				Value: Cvss{
+					Type:                 CVSS3,
+					Score:                score,
+					CalculatedBySeverity: true,
+					Severity:             strings.ToUpper(adv.Severity),
+				},
+			})
+		}
+	}
+	return
 }

 // MaxCvssScore returns max CVSS Score
 // If there is no CVSS Score, return Severity as a numerical value.
 func (v VulnInfo) MaxCvssScore() CveContentCvss {
 	v3Max := v.MaxCvss3Score()
-	v2Max := v.MaxCvss2Score()
-	max := v3Max
-	if max.Type == Unknown {
-		return v2Max
+	if v3Max.Type != Unknown {
+		return v3Max
 	}
+	return v.MaxCvss2Score()
+}

-	if max.Value.Score < v2Max.Value.Score && !v2Max.Value.CalculatedBySeverity {
-		max = v2Max
+// MaxCvss3Score returns Max CVSS V3 Score
+func (v VulnInfo) MaxCvss3Score() CveContentCvss {
+	max := CveContentCvss{
+		Type:  Unknown,
+		Value: Cvss{Type: CVSS3},
+	}
+	for _, cvss := range v.Cvss3Scores() {
+		if max.Value.Score < cvss.Value.Score {
+			max = cvss
+		}
 	}
 	return max
 }

 // MaxCvss2Score returns Max CVSS V2 Score
 func (v VulnInfo) MaxCvss2Score() CveContentCvss {
-	order := []CveContentType{Nvd, NvdXML, RedHat, RedHatAPI, Jvn}
-	max := 0.0
-	value := CveContentCvss{
+	max := CveContentCvss{
 		Type:  Unknown,
 		Value: Cvss{Type: CVSS2},
 	}
-	for _, ctype := range order {
-		if cont, found := v.CveContents[ctype]; found && max < cont.Cvss2Score {
-			// https://nvd.nist.gov/vuln-metrics/cvss
-			value = CveContentCvss{
-				Type: ctype,
-				Value: Cvss{
-					Type:     CVSS2,
-					Score:    cont.Cvss2Score,
-					Vector:   cont.Cvss2Vector,
-					Severity: strings.ToUpper(cont.Cvss2Severity),
-				},
-			}
-			max = cont.Cvss2Score
+	for _, cvss := range v.Cvss2Scores() {
+		if max.Value.Score < cvss.Value.Score {
+			max = cvss
 		}
 	}
-	if 0 < max {
-		return value
-	}
-
-	// If CVSS score isn't on NVD, RedHat and JVN, use OVAL and advisory Severity.
-	// Convert severity to cvss srore roughly, then returns max severity.
-	// Only Ubuntu, RedHat and Oracle have severity data in OVAL.
-	order = []CveContentType{Ubuntu, RedHat, Oracle}
-	for _, ctype := range order {
-		if cont, found := v.CveContents[ctype]; found && 0 < len(cont.Cvss2Severity) {
-			score := severityToV2ScoreRoughly(cont.Cvss2Severity)
-			if max < score {
-				value = CveContentCvss{
-					Type: ctype,
-					Value: Cvss{
-						Type:                 CVSS2,
-						Score:                score,
-						CalculatedBySeverity: true,
-						Vector:               cont.Cvss2Vector,
-						Severity:             strings.ToUpper(cont.Cvss2Severity),
-					},
-				}
-			}
-			max = score
-		}
-	}
-
-	// Only RedHat, Oracle and Amazon has severity data in advisory.
-	for _, adv := range v.DistroAdvisories {
-		if adv.Severity != "" {
-			score := severityToV2ScoreRoughly(adv.Severity)
-			if max < score {
-				value = CveContentCvss{
-					Type: "Vendor",
-					Value: Cvss{
-						Type:                 CVSS2,
-						Score:                score,
-						CalculatedBySeverity: true,
-						Vector:               "-",
-						Severity:             adv.Severity,
-					},
-				}
-			}
-		}
-	}
-	return value
+	return max
 }

 // AttackVector returns attack vector string
@@ -614,10 +543,10 @@ type CveContentCvss struct {
 type CvssType string

 const (
-	// CVSS2 means CVSS vesion2
+	// CVSS2 means CVSS version2
 	CVSS2 CvssType = "2"

-	// CVSS3 means CVSS vesion3
+	// CVSS3 means CVSS version3
 	CVSS3 CvssType = "3"
 )

@@ -632,25 +561,29 @@ type Cvss struct {

 // Format CVSS Score and Vector
 func (c Cvss) Format() string {
-	if c.Score == 0 || c.Vector == "" {
-		return c.Severity
+	if c.Vector == "" {
+		return fmt.Sprintf("%s %s", c.SeverityToCvssScoreRange(), c.Severity)
 	}
-	switch c.Type {
-	case CVSS2:
-		return fmt.Sprintf("%3.1f/%s %s", c.Score, c.Vector, c.Severity)
-	case CVSS3:
-		return fmt.Sprintf("%3.1f/%s %s", c.Score, c.Vector, c.Severity)
-	}
-	return ""
+	return fmt.Sprintf("%3.1f/%s %s", c.Score, c.Vector, c.Severity)
 }

-func cvss2ScoreToSeverity(score float64) string {
-	if 7.0 <= score {
-		return "HIGH"
-	} else if 4.0 <= score {
-		return "MEDIUM"
+// SeverityToCvssScoreRange returns CVSS score range
+func (c Cvss) SeverityToCvssScoreRange() string {
+	return severityToCvssScoreRange(c.Severity)
+}
+
+func severityToCvssScoreRange(severity string) string {
+	switch strings.ToUpper(severity) {
+	case "CRITICAL":
+		return "9.0-10.0"
+	case "IMPORTANT", "HIGH":
+		return "7.0-8.9"
+	case "MODERATE", "MEDIUM":
+		return "4.0-6.9"
+	case "LOW":
+		return "0.1-3.9"
 	}
-	return "LOW"
+	return "None"
 }

 // Amazon Linux Security Advisory
@@ -665,7 +598,7 @@ func cvss2ScoreToSeverity(score float64) string {
 // Critical, High, Medium, Low
 // https://wiki.ubuntu.com/Bugs/Importance
 // https://people.canonical.com/~ubuntu-security/cve/priority.html
-func severityToV2ScoreRoughly(severity string) float64 {
+func severityToCvssScoreRoughly(severity string) float64 {
 	switch strings.ToUpper(severity) {
 	case "CRITICAL":
 		return 10.0
@@ -688,70 +621,6 @@ func (v VulnInfo) FormatMaxCvssScore() string {
 		max.Type)
 }

-// Cvss2CalcURL returns CVSS v2 caluclator's URL
-func (v VulnInfo) Cvss2CalcURL() string {
-	return "https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?name=" + v.CveID
-}
-
-// Cvss3CalcURL returns CVSS v3 caluclator's URL
-func (v VulnInfo) Cvss3CalcURL() string {
-	return "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=" + v.CveID
-}
-
-// VendorLinks returns links of vendor support's URL
-func (v VulnInfo) VendorLinks(family string) map[string]string {
-	links := map[string]string{}
-	if strings.HasPrefix(v.CveID, "WPVDBID") {
-		links["WPVulnDB"] = fmt.Sprintf("https://wpvulndb.com/vulnerabilities/%s",
-			strings.TrimPrefix(v.CveID, "WPVDBID-"))
-		return links
-	}
-
-	switch family {
-	case config.RedHat, config.CentOS:
-		links["RHEL-CVE"] = "https://access.redhat.com/security/cve/" + v.CveID
-		for _, advisory := range v.DistroAdvisories {
-			aidURL := strings.Replace(advisory.AdvisoryID, ":", "-", -1)
-			links[advisory.AdvisoryID] = fmt.Sprintf("https://rhn.redhat.com/errata/%s.html", aidURL)
-		}
-		return links
-	case config.Oracle:
-		links["Oracle-CVE"] = fmt.Sprintf("https://linux.oracle.com/cve/%s.html", v.CveID)
-		for _, advisory := range v.DistroAdvisories {
-			links[advisory.AdvisoryID] =
-				fmt.Sprintf("https://linux.oracle.com/errata/%s.html", advisory.AdvisoryID)
-		}
-		return links
-	case config.Amazon:
-		links["RHEL-CVE"] = "https://access.redhat.com/security/cve/" + v.CveID
-		for _, advisory := range v.DistroAdvisories {
-			if strings.HasPrefix(advisory.AdvisoryID, "ALAS2") {
-				links[advisory.AdvisoryID] =
-					fmt.Sprintf("https://alas.aws.amazon.com/AL2/%s.html",
-						strings.Replace(advisory.AdvisoryID, "ALAS2", "ALAS", -1))
-			} else {
-				links[advisory.AdvisoryID] =
-					fmt.Sprintf("https://alas.aws.amazon.com/%s.html", advisory.AdvisoryID)
-			}
-		}
-		return links
-	case config.Ubuntu:
-		links["Ubuntu-CVE"] = "http://people.ubuntu.com/~ubuntu-security/cve/" + v.CveID
-		return links
-	case config.Debian:
-		links["Debian-CVE"] = "https://security-tracker.debian.org/tracker/" + v.CveID
-	case config.SUSEEnterpriseServer:
-		links["SUSE-CVE"] = "https://www.suse.com/security/cve/" + v.CveID
-	case config.FreeBSD:
-		for _, advisory := range v.DistroAdvisories {
-			links["FreeBSD-VuXML"] = fmt.Sprintf("https://vuxml.freebsd.org/freebsd/%s.html", advisory.AdvisoryID)
-
-		}
-		return links
-	}
-	return links
-}
-
 // DistroAdvisories is a list of DistroAdvisory
 type DistroAdvisories []DistroAdvisory

@@ -800,7 +669,22 @@ type Exploit struct {
 	BinaryURL    *string                   `json:"binaryURL,omitempty"`
 }

-// AlertDict has target cve's JPCERT and USCERT alert data
+// Metasploit :
+type Metasploit struct {
+	Name        string   `json:"name"`
+	Title       string   `json:"title"`
+	Description string   `json:"description,omitempty"`
+	URLs        []string `json:",omitempty"`
+}
+
+// Mitigation has a link and content
+type Mitigation struct {
+	CveContentType CveContentType `json:"cveContentType,omitempty"`
+	Mitigation     string         `json:"mitigation,omitempty"`
+	URL            string         `json:"url,omitempty"`
+}
+
+// AlertDict has target cve JPCERT and USCERT alert data
 type AlertDict struct {
 	Ja []Alert `json:"ja"`
 	En []Alert `json:"en"`
@@ -821,7 +705,7 @@ func (a AlertDict) FormatSource() string {
 // Confidences is a list of Confidence
 type Confidences []Confidence

-// AppendIfMissing appends confidence to the list if missiong
+// AppendIfMissing appends confidence to the list if missing
 func (cs *Confidences) AppendIfMissing(confidence Confidence) {
 	for _, c := range *cs {
 		if c.DetectionMethod == confidence.DetectionMethod {
@@ -839,7 +723,7 @@ func (cs Confidences) SortByConfident() Confidences {
 	return cs
 }

-// Confidence is a ranking how confident the CVE-ID was deteted correctly
+// Confidence is a ranking how confident the CVE-ID was detected correctly
 // Score: 0 - 100
 type Confidence struct {
 	Score           int             `json:"score"`
@@ -887,8 +771,8 @@ const (
 	// GitHubMatchStr is a String representation of GitHubMatch
 	GitHubMatchStr = "GitHubMatch"

-	// WPVulnDBMatchStr is a String representation of WordPress VulnDB scanning
-	WPVulnDBMatchStr = "WPVulnDBMatch"
+	// WpScanMatchStr is a String representation of WordPress VulnDB scanning
+	WpScanMatchStr = "WpScanMatch"

 	// FailedToGetChangelog is a String representation of FailedToGetChangelog
 	FailedToGetChangelog = "FailedToGetChangelog"
@@ -898,36 +782,36 @@ const (
 )

 var (
-	// CpeNameMatch is a ranking how confident the CVE-ID was deteted correctly
+	// CpeNameMatch is a ranking how confident the CVE-ID was detected correctly
 	CpeNameMatch = Confidence{100, CpeNameMatchStr, 1}

-	// YumUpdateSecurityMatch is a ranking how confident the CVE-ID was deteted correctly
+	// YumUpdateSecurityMatch is a ranking how confident the CVE-ID was detected correctly
 	YumUpdateSecurityMatch = Confidence{100, YumUpdateSecurityMatchStr, 2}

-	// PkgAuditMatch is a ranking how confident the CVE-ID was deteted correctly
+	// PkgAuditMatch is a ranking how confident the CVE-ID was detected correctly
 	PkgAuditMatch = Confidence{100, PkgAuditMatchStr, 2}

-	// OvalMatch is a ranking how confident the CVE-ID was deteted correctly
+	// OvalMatch is a ranking how confident the CVE-ID was detected correctly
 	OvalMatch = Confidence{100, OvalMatchStr, 0}

-	// RedHatAPIMatch ranking how confident the CVE-ID was deteted correctly
+	// RedHatAPIMatch ranking how confident the CVE-ID was detected correctly
 	RedHatAPIMatch = Confidence{100, RedHatAPIStr, 0}

-	// DebianSecurityTrackerMatch ranking how confident the CVE-ID was deteted correctly
+	// DebianSecurityTrackerMatch ranking how confident the CVE-ID was detected correctly
 	DebianSecurityTrackerMatch = Confidence{100, DebianSecurityTrackerMatchStr, 0}

-	// TrivyMatch ranking how confident the CVE-ID was deteted correctly
+	// TrivyMatch ranking how confident the CVE-ID was detected correctly
 	TrivyMatch = Confidence{100, TrivyMatchStr, 0}

-	// ChangelogExactMatch is a ranking how confident the CVE-ID was deteted correctly
+	// ChangelogExactMatch is a ranking how confident the CVE-ID was detected correctly
 	ChangelogExactMatch = Confidence{95, ChangelogExactMatchStr, 3}

-	// ChangelogLenientMatch is a ranking how confident the CVE-ID was deteted correctly
+	// ChangelogLenientMatch is a ranking how confident the CVE-ID was detected correctly
 	ChangelogLenientMatch = Confidence{50, ChangelogLenientMatchStr, 4}

-	// GitHubMatch is a ranking how confident the CVE-ID was deteted correctly
+	// GitHubMatch is a ranking how confident the CVE-ID was detected correctly
 	GitHubMatch = Confidence{97, GitHubMatchStr, 2}

-	// WPVulnDBMatch is a ranking how confident the CVE-ID was deteted correctly
-	WPVulnDBMatch = Confidence{100, WPVulnDBMatchStr, 0}
+	// WpScanMatch is a ranking how confident the CVE-ID was detected correctly
+	WpScanMatch = Confidence{100, WpScanMatchStr, 0}
 )
--- a/models/vulninfos_test.go
+++ b/models/vulninfos_test.go
@@ -28,10 +28,10 @@ func TestTitles(t *testing.T) {
 							Type:    RedHat,
 							Summary: "Summary RedHat",
 						},
-						NvdXML: {
-							Type:    NvdXML,
+						Nvd: {
+							Type:    Nvd,
 							Summary: "Summary NVD",
-							// Severity is NIOT included in NVD
+							// Severity is NOT included in NVD
 						},
 					},
 				},
@@ -42,7 +42,7 @@ func TestTitles(t *testing.T) {
 					Value: "Title1",
 				},
 				{
-					Type:  NvdXML,
+					Type:  Nvd,
 					Value: "Summary NVD",
 				},
 				{
@@ -65,17 +65,17 @@ func TestTitles(t *testing.T) {
 							Type:    RedHat,
 							Summary: "Summary RedHat",
 						},
-						NvdXML: {
-							Type:    NvdXML,
+						Nvd: {
+							Type:    Nvd,
 							Summary: "Summary NVD",
-							// Severity is NIOT included in NVD
+							// Severity is NOT included in NVD
 						},
 					},
 				},
 			},
 			out: []CveContentStr{
 				{
-					Type:  NvdXML,
+					Type:  Nvd,
 					Value: "Summary NVD",
 				},
 				{
@@ -98,10 +98,10 @@ func TestTitles(t *testing.T) {
 			},
 		},
 	}
-	for _, tt := range tests {
+	for i, tt := range tests {
 		actual := tt.in.cont.Titles(tt.in.lang, "redhat")
 		if !reflect.DeepEqual(tt.out, actual) {
-			t.Errorf("\nexpected: %v\n  actual: %v\n", tt.out, actual)
+			t.Errorf("[%d]\nexpected: %v\n  actual: %v\n", i, tt.out, actual)
 		}
 	}
 }
@@ -130,10 +130,10 @@ func TestSummaries(t *testing.T) {
 							Type:    RedHat,
 							Summary: "Summary RedHat",
 						},
-						NvdXML: {
-							Type:    NvdXML,
+						Nvd: {
+							Type:    Nvd,
 							Summary: "Summary NVD",
-							// Severity is NIOT included in NVD
+							// Severity is NOT included in NVD
 						},
 					},
 				},
@@ -148,7 +148,7 @@ func TestSummaries(t *testing.T) {
 					Value: "Summary RedHat",
 				},
 				{
-					Type:  NvdXML,
+					Type:  Nvd,
 					Value: "Summary NVD",
 				},
 			},
@@ -168,10 +168,10 @@ func TestSummaries(t *testing.T) {
 							Type:    RedHat,
 							Summary: "Summary RedHat",
 						},
-						NvdXML: {
-							Type:    NvdXML,
+						Nvd: {
+							Type:    Nvd,
 							Summary: "Summary NVD",
-							// Severity is NIOT included in NVD
+							// Severity is NOT included in NVD
 						},
 					},
 				},
@@ -182,7 +182,7 @@ func TestSummaries(t *testing.T) {
 					Value: "Summary RedHat",
 				},
 				{
-					Type:  NvdXML,
+					Type:  Nvd,
 					Value: "Summary NVD",
 				},
 			},
@@ -219,21 +219,75 @@ func TestCountGroupBySeverity(t *testing.T) {
 				"CVE-2017-0002": {
 					CveID: "CVE-2017-0002",
 					CveContents: CveContents{
-						NvdXML: {
-							Type:       NvdXML,
-							Cvss2Score: 6.0,
+						Nvd: {
+							Type:       Nvd,
+							Cvss3Score: 6.0,
 						},
 						RedHat: {
 							Type:       RedHat,
-							Cvss2Score: 7.0,
+							Cvss3Score: 7.0,
 						},
 					},
 				},
 				"CVE-2017-0003": {
 					CveID: "CVE-2017-0003",
 					CveContents: CveContents{
-						NvdXML: {
-							Type:       NvdXML,
+						Nvd: {
+							Type:       Nvd,
+							Cvss3Score: 2.0,
+						},
+					},
+				},
+				"CVE-2017-0004": {
+					CveID: "CVE-2017-0004",
+					CveContents: CveContents{
+						Nvd: {
+							Type:       Nvd,
+							Cvss3Score: 5.0,
+						},
+					},
+				},
+				"CVE-2017-0005": {
+					CveID: "CVE-2017-0005",
+				},
+				"CVE-2017-0006": {
+					CveID: "CVE-2017-0005",
+					CveContents: CveContents{
+						Nvd: {
+							Type:       Nvd,
+							Cvss3Score: 10.0,
+						},
+					},
+				},
+			},
+			out: map[string]int{
+				"Critical": 1,
+				"High":     1,
+				"Medium":   1,
+				"Low":      1,
+				"Unknown":  1,
+			},
+		},
+		{
+			in: VulnInfos{
+				"CVE-2017-0002": {
+					CveID: "CVE-2017-0002",
+					CveContents: CveContents{
+						Nvd: {
+							Type:       Nvd,
+							Cvss2Score: 1.0,
+						},
+						RedHat: {
+							Type:       RedHat,
+							Cvss3Score: 7.0,
+						},
+					},
+				},
+				"CVE-2017-0003": {
+					CveID: "CVE-2017-0003",
+					CveContents: CveContents{
+						Nvd: {
+							Type:       Nvd,
 							Cvss2Score: 2.0,
 						},
 					},
@@ -241,8 +295,8 @@ func TestCountGroupBySeverity(t *testing.T) {
 				"CVE-2017-0004": {
 					CveID: "CVE-2017-0004",
 					CveContents: CveContents{
-						NvdXML: {
-							Type:       NvdXML,
+						Nvd: {
+							Type:       Nvd,
 							Cvss2Score: 5.0,
 						},
 					},
@@ -250,21 +304,31 @@ func TestCountGroupBySeverity(t *testing.T) {
 				"CVE-2017-0005": {
 					CveID: "CVE-2017-0005",
 				},
+				"CVE-2017-0006": {
+					CveID: "CVE-2017-0005",
+					CveContents: CveContents{
+						Nvd: {
+							Type:       Nvd,
+							Cvss2Score: 10.0,
+						},
+					},
+				},
 			},
 			out: map[string]int{
-				"High":    1,
-				"Medium":  1,
-				"Low":     1,
-				"Unknown": 1,
+				"Critical": 1,
+				"High":     1,
+				"Medium":   1,
+				"Low":      1,
+				"Unknown":  1,
 			},
 		},
 	}
-	for _, tt := range tests {
+	for i, tt := range tests {
 		actual := tt.in.CountGroupBySeverity()
 		for k := range tt.out {
 			if tt.out[k] != actual[k] {
-				t.Errorf("\nexpected %s: %d\n  actual %d\n",
-					k, tt.out[k], actual[k])
+				t.Errorf("[%d]\nexpected %s: %d\n  actual %d\n",
+					i, k, tt.out[k], actual[k])
 			}
 		}
 	}
@@ -275,13 +339,14 @@ func TestToSortedSlice(t *testing.T) {
 		in  VulnInfos
 		out []VulnInfo
 	}{
+		//0
 		{
 			in: VulnInfos{
 				"CVE-2017-0002": {
 					CveID: "CVE-2017-0002",
 					CveContents: CveContents{
-						NvdXML: {
-							Type:       NvdXML,
+						Nvd: {
+							Type:       Nvd,
 							Cvss2Score: 6.0,
 						},
 						RedHat: {
@@ -293,8 +358,8 @@ func TestToSortedSlice(t *testing.T) {
 				"CVE-2017-0001": {
 					CveID: "CVE-2017-0001",
 					CveContents: CveContents{
-						NvdXML: {
-							Type:       NvdXML,
+						Nvd: {
+							Type:       Nvd,
 							Cvss2Score: 7.0,
 						},
 						RedHat: {
@@ -308,8 +373,8 @@ func TestToSortedSlice(t *testing.T) {
 				{
 					CveID: "CVE-2017-0001",
 					CveContents: CveContents{
-						NvdXML: {
-							Type:       NvdXML,
+						Nvd: {
+							Type:       Nvd,
 							Cvss2Score: 7.0,
 						},
 						RedHat: {
@@ -321,8 +386,8 @@ func TestToSortedSlice(t *testing.T) {
 				{
 					CveID: "CVE-2017-0002",
 					CveContents: CveContents{
-						NvdXML: {
-							Type:       NvdXML,
+						Nvd: {
+							Type:       Nvd,
 							Cvss2Score: 6.0,
 						},
 						RedHat: {
@@ -333,14 +398,14 @@ func TestToSortedSlice(t *testing.T) {
 				},
 			},
 		},
-		// When max scores are the same, sort by CVE-ID
+		//[1] When max scores are the same, sort by CVE-ID
 		{
 			in: VulnInfos{
 				"CVE-2017-0002": {
 					CveID: "CVE-2017-0002",
 					CveContents: CveContents{
-						NvdXML: {
-							Type:       NvdXML,
+						Nvd: {
+							Type:       Nvd,
 							Cvss2Score: 6.0,
 						},
 						RedHat: {
@@ -354,7 +419,7 @@ func TestToSortedSlice(t *testing.T) {
 					CveContents: CveContents{
 						RedHat: {
 							Type:       RedHat,
-							Cvss2Score: 7.0,
+							Cvss3Score: 7.0,
 						},
 					},
 				},
@@ -365,15 +430,15 @@ func TestToSortedSlice(t *testing.T) {
 					CveContents: CveContents{
 						RedHat: {
 							Type:       RedHat,
-							Cvss2Score: 7.0,
+							Cvss3Score: 7.0,
 						},
 					},
 				},
 				{
 					CveID: "CVE-2017-0002",
 					CveContents: CveContents{
-						NvdXML: {
-							Type:       NvdXML,
+						Nvd: {
+							Type:       Nvd,
 							Cvss2Score: 6.0,
 						},
 						RedHat: {
@@ -384,7 +449,7 @@ func TestToSortedSlice(t *testing.T) {
 				},
 			},
 		},
-		// When there are no cvss scores, sort by severity
+		//[2] When there are no cvss scores, sort by severity
 		{
 			in: VulnInfos{
 				"CVE-2017-0002": {
@@ -392,7 +457,7 @@ func TestToSortedSlice(t *testing.T) {
 					CveContents: CveContents{
 						Ubuntu: {
 							Type:          Ubuntu,
-							Cvss2Severity: "High",
+							Cvss3Severity: "High",
 						},
 					},
 				},
@@ -401,7 +466,7 @@ func TestToSortedSlice(t *testing.T) {
 					CveContents: CveContents{
 						Ubuntu: {
 							Type:          Ubuntu,
-							Cvss2Severity: "Low",
+							Cvss3Severity: "Low",
 						},
 					},
 				},
@@ -412,7 +477,7 @@ func TestToSortedSlice(t *testing.T) {
 					CveContents: CveContents{
 						Ubuntu: {
 							Type:          Ubuntu,
-							Cvss2Severity: "High",
+							Cvss3Severity: "High",
 						},
 					},
 				},
@@ -421,17 +486,17 @@ func TestToSortedSlice(t *testing.T) {
 					CveContents: CveContents{
 						Ubuntu: {
 							Type:          Ubuntu,
-							Cvss2Severity: "Low",
+							Cvss3Severity: "Low",
 						},
 					},
 				},
 			},
 		},
 	}
-	for _, tt := range tests {
+	for i, tt := range tests {
 		actual := tt.in.ToSortedSlice()
 		if !reflect.DeepEqual(tt.out, actual) {
-			t.Errorf("\nexpected: %v\n  actual: %v\n", tt.out, actual)
+			t.Errorf("[%d]\nexpected: %v\n  actual: %v\n", i, tt.out, actual)
 		}
 	}
 }
@@ -456,29 +521,36 @@ func TestCvss2Scores(t *testing.T) {
 						Cvss2Score:    8.0,
 						Cvss2Vector:   "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 					},
-					NvdXML: {
-						Type:          NvdXML,
+					Nvd: {
+						Type:          Nvd,
 						Cvss2Score:    8.1,
 						Cvss2Vector:   "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 						Cvss2Severity: "HIGH",
 					},
+					//v3
+					RedHatAPI: {
+						Type:          RedHatAPI,
+						Cvss3Score:    8.1,
+						Cvss3Vector:   "AV:N/AC:L/Au:N/C:N/I:N/A:P",
+						Cvss3Severity: "HIGH",
+					},
 				},
 			},
 			out: []CveContentCvss{
 				{
-					Type: NvdXML,
+					Type: RedHat,
 					Value: Cvss{
 						Type:     CVSS2,
-						Score:    8.1,
+						Score:    8.0,
 						Vector:   "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 						Severity: "HIGH",
 					},
 				},
 				{
-					Type: RedHat,
+					Type: Nvd,
 					Value: Cvss{
 						Type:     CVSS2,
-						Score:    8.0,
+						Score:    8.1,
 						Vector:   "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 						Severity: "HIGH",
 					},
@@ -501,7 +573,7 @@ func TestCvss2Scores(t *testing.T) {
 		},
 	}
 	for i, tt := range tests {
-		actual := tt.in.Cvss2Scores("redhat")
+		actual := tt.in.Cvss2Scores()
 		if !reflect.DeepEqual(tt.out, actual) {
 			t.Errorf("[%d]\nexpected: %v\n  actual: %v\n", i, tt.out, actual)
 		}
@@ -513,6 +585,7 @@ func TestMaxCvss2Scores(t *testing.T) {
 		in  VulnInfo
 		out CveContentCvss
 	}{
+		// 0
 		{
 			in: VulnInfo{
 				CveContents: CveContents{
@@ -528,11 +601,11 @@ func TestMaxCvss2Scores(t *testing.T) {
 						Cvss2Score:    8.0,
 						Cvss2Vector:   "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 					},
-					NvdXML: {
-						Type:        NvdXML,
+					Nvd: {
+						Type:        Nvd,
 						Cvss2Score:  8.1,
 						Cvss2Vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
-						// Severity is NIOT included in NVD
+						// Severity is NOT included in NVD
 					},
 				},
 			},
@@ -546,26 +619,6 @@ func TestMaxCvss2Scores(t *testing.T) {
 				},
 			},
 		},
-		// Severity in OVAL
-		{
-			in: VulnInfo{
-				CveContents: CveContents{
-					Ubuntu: {
-						Type:          Ubuntu,
-						Cvss2Severity: "HIGH",
-					},
-				},
-			},
-			out: CveContentCvss{
-				Type: Ubuntu,
-				Value: Cvss{
-					Type:                 CVSS2,
-					Score:                8.9,
-					CalculatedBySeverity: true,
-					Severity:             "HIGH",
-				},
-			},
-		},
 		// Empty
 		{
 			in: VulnInfo{},
@@ -602,8 +655,8 @@ func TestCvss3Scores(t *testing.T) {
 						Cvss3Score:    8.0,
 						Cvss3Vector:   "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
 					},
-					NvdXML: {
-						Type:          NvdXML,
+					Nvd: {
+						Type:          Nvd,
 						Cvss2Score:    8.1,
 						Cvss2Vector:   "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
 						Cvss2Severity: "HIGH",
@@ -622,16 +675,38 @@ func TestCvss3Scores(t *testing.T) {
 				},
 			},
 		},
+		// [1] Severity in OVAL
+		{
+			in: VulnInfo{
+				CveContents: CveContents{
+					Ubuntu: {
+						Type:          Ubuntu,
+						Cvss3Severity: "HIGH",
+					},
+				},
+			},
+			out: []CveContentCvss{
+				{
+					Type: Ubuntu,
+					Value: Cvss{
+						Type:                 CVSS3,
+						Score:                8.9,
+						CalculatedBySeverity: true,
+						Severity:             "HIGH",
+					},
+				},
+			},
+		},
 		// Empty
 		{
 			in:  VulnInfo{},
 			out: nil,
 		},
 	}
-	for _, tt := range tests {
+	for i, tt := range tests {
 		actual := tt.in.Cvss3Scores()
 		if !reflect.DeepEqual(tt.out, actual) {
-			t.Errorf("\nexpected: %v\n  actual: %v\n", tt.out, actual)
+			t.Errorf("[%d]\nexpected: %v\n  actual: %v\n", i, tt.out, actual)
 		}
 	}
 }
@@ -692,8 +767,8 @@ func TestMaxCvssScores(t *testing.T) {
 		{
 			in: VulnInfo{
 				CveContents: CveContents{
-					NvdXML: {
-						Type:       NvdXML,
+					Nvd: {
+						Type:       Nvd,
 						Cvss3Score: 7.0,
 					},
 					RedHat: {
@@ -703,10 +778,10 @@ func TestMaxCvssScores(t *testing.T) {
 				},
 			},
 			out: CveContentCvss{
-				Type: RedHat,
+				Type: Nvd,
 				Value: Cvss{
-					Type:  CVSS2,
-					Score: 8.0,
+					Type:  CVSS3,
+					Score: 7.0,
 				},
 			},
 		},
@@ -733,14 +808,14 @@ func TestMaxCvssScores(t *testing.T) {
 				CveContents: CveContents{
 					Ubuntu: {
 						Type:          Ubuntu,
-						Cvss2Severity: "HIGH",
+						Cvss3Severity: "HIGH",
 					},
 				},
 			},
 			out: CveContentCvss{
 				Type: Ubuntu,
 				Value: Cvss{
-					Type:                 CVSS2,
+					Type:                 CVSS3,
 					Score:                8.9,
 					CalculatedBySeverity: true,
 					Severity:             "HIGH",
@@ -753,21 +828,22 @@ func TestMaxCvssScores(t *testing.T) {
 				CveContents: CveContents{
 					Ubuntu: {
 						Type:          Ubuntu,
-						Cvss2Severity: "MEDIUM",
+						Cvss3Severity: "MEDIUM",
 					},
-					NvdXML: {
-						Type:          NvdXML,
+					Nvd: {
+						Type:          Nvd,
 						Cvss2Score:    7.0,
 						Cvss2Severity: "HIGH",
 					},
 				},
 			},
 			out: CveContentCvss{
-				Type: NvdXML,
+				Type: Ubuntu,
 				Value: Cvss{
-					Type:     CVSS2,
-					Score:    7.0,
-					Severity: "HIGH",
+					Type:                 CVSS3,
+					Score:                6.9,
+					Severity:             "MEDIUM",
+					CalculatedBySeverity: true,
 				},
 			},
 		},
@@ -783,23 +859,23 @@ func TestMaxCvssScores(t *testing.T) {
 			out: CveContentCvss{
 				Type: "Vendor",
 				Value: Cvss{
-					Type:                 CVSS2,
+					Type:                 CVSS3,
 					Score:                8.9,
 					CalculatedBySeverity: true,
-					Vector:               "-",
 					Severity:             "HIGH",
 				},
 			},
 		},
+		//5
 		{
 			in: VulnInfo{
 				CveContents: CveContents{
 					Ubuntu: {
 						Type:          Ubuntu,
-						Cvss2Severity: "MEDIUM",
+						Cvss3Severity: "MEDIUM",
 					},
-					NvdXML: {
-						Type:          NvdXML,
+					Nvd: {
+						Type:          Nvd,
 						Cvss2Score:    4.0,
 						Cvss2Severity: "MEDIUM",
 					},
@@ -811,11 +887,12 @@ func TestMaxCvssScores(t *testing.T) {
 				},
 			},
 			out: CveContentCvss{
-				Type: NvdXML,
+				Type: "Vendor",
 				Value: Cvss{
-					Type:     CVSS2,
-					Score:    4,
-					Severity: "MEDIUM",
+					Type:                 CVSS3,
+					Score:                8.9,
+					Severity:             "HIGH",
+					CalculatedBySeverity: true,
 				},
 			},
 		},
@@ -854,17 +931,17 @@ func TestFormatMaxCvssScore(t *testing.T) {
 					},
 					RedHat: {
 						Type:          RedHat,
-						Cvss2Severity: "HIGH",
+						Cvss3Severity: "HIGH",
 						Cvss3Score:    8.0,
 					},
-					NvdXML: {
-						Type:       NvdXML,
+					Nvd: {
+						Type:       Nvd,
 						Cvss2Score: 8.1,
-						// Severity is NIOT included in NVD
+						// Severity is NOT included in NVD
 					},
 				},
 			},
-			out: "8.3 HIGH (jvn)",
+			out: "8.0 HIGH (redhat)",
 		},
 		{
 			in: VulnInfo{
@@ -881,8 +958,8 @@ func TestFormatMaxCvssScore(t *testing.T) {
 						Cvss3Severity: "HIGH",
 						Cvss3Score:    9.9,
 					},
-					NvdXML: {
-						Type:       NvdXML,
+					Nvd: {
+						Type:       Nvd,
 						Cvss2Score: 8.1,
 					},
 				},
@@ -890,10 +967,10 @@ func TestFormatMaxCvssScore(t *testing.T) {
 			out: "9.9 HIGH (redhat)",
 		},
 	}
-	for _, tt := range tests {
+	for i, tt := range tests {
 		actual := tt.in.FormatMaxCvssScore()
 		if !reflect.DeepEqual(tt.out, actual) {
-			t.Errorf("\nexpected: %v\n  actual: %v\n", tt.out, actual)
+			t.Errorf("[%d]\nexpected: %v\n  actual: %v\n", i, tt.out, actual)
 		}
 	}
 }
@@ -922,7 +999,7 @@ func TestSortPackageStatues(t *testing.T) {
 	}
 }

-func TestStorePackageStatueses(t *testing.T) {
+func TestStorePackageStatuses(t *testing.T) {
 	var tests = []struct {
 		pkgstats PackageFixStatuses
 		in       PackageFixStatus
@@ -985,7 +1062,7 @@ func TestAppendIfMissing(t *testing.T) {
 	}
 }

-func TestSortByConfiden(t *testing.T) {
+func TestSortByConfident(t *testing.T) {
 	var tests = []struct {
 		in  Confidences
 		out Confidences
--- a/msf/empty.go
+++ b/msf/empty.go
@@ -0,0 +1 @@
+package msf
--- a/msf/msf.go
+++ b/msf/msf.go
@@ -0,0 +1,51 @@
+// +build !scanner
+
+package msf
+
+import (
+	"github.com/future-architect/vuls/models"
+	"github.com/takuzoo3868/go-msfdb/db"
+	metasploitmodels "github.com/takuzoo3868/go-msfdb/models"
+)
+
+// FillWithMetasploit fills metasploit module information that has in module
+func FillWithMetasploit(driver db.DB, r *models.ScanResult) (nMetasploitCve int, err error) {
+	if driver == nil {
+		return 0, nil
+	}
+	for cveID, vuln := range r.ScannedCves {
+		if cveID == "" {
+			continue
+		}
+		ms := driver.GetModuleByCveID(cveID)
+		if len(ms) == 0 {
+			continue
+		}
+		modules := ConvertToModels(ms)
+		vuln.Metasploits = modules
+		r.ScannedCves[cveID] = vuln
+		nMetasploitCve++
+	}
+
+	return nMetasploitCve, nil
+}
+
+// ConvertToModels converts gost model to vuls model
+func ConvertToModels(ms []*metasploitmodels.Metasploit) (modules []models.Metasploit) {
+	for _, m := range ms {
+		var links []string
+		if 0 < len(m.References) {
+			for _, u := range m.References {
+				links = append(links, u.Link)
+			}
+		}
+		module := models.Metasploit{
+			Name:        m.Name,
+			Title:       m.Title,
+			Description: m.Description,
+			URLs:        links,
+		}
+		modules = append(modules, module)
+	}
+	return modules
+}
--- a/oval/alpine.go
+++ b/oval/alpine.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package oval

 import (
--- a/oval/debian.go
+++ b/oval/debian.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package oval

 import (
@@ -38,7 +40,13 @@ func (o DebianBase) update(r *models.ScanResult, defPacks defPacks) {
 				defPacks.def.Debian.CveID)
 			cveContents = models.CveContents{}
 		}
-		vinfo.Confidences.AppendIfMissing(models.OvalMatch)
+		if r.Family != config.Raspbian {
+			vinfo.Confidences.AppendIfMissing(models.OvalMatch)
+		} else {
+			if len(vinfo.Confidences) == 0 {
+				vinfo.Confidences.AppendIfMissing(models.OvalMatch)
+			}
+		}
 		cveContents[ctype] = ovalContent
 		vinfo.CveContents = cveContents
 	}
@@ -53,7 +61,7 @@ func (o DebianBase) update(r *models.ScanResult, defPacks defPacks) {
 	}

 	// Update package status of source packages.
-	// In the case of Debian based Linux, sometimes source package name is difined as affected package in OVAL.
+	// In the case of Debian based Linux, sometimes source package name is defined as affected package in OVAL.
 	// To display binary package name showed in apt-get, need to convert source name to binary name.
 	for binName := range defPacks.binpkgFixstat {
 		if srcPack, ok := r.SrcPackages.FindByBinName(binName); ok {
@@ -76,7 +84,7 @@ func (o DebianBase) update(r *models.ScanResult, defPacks defPacks) {
 }

 func (o DebianBase) convertToModel(def *ovalmodels.Definition) *models.CveContent {
-	var refs []models.Reference
+	refs := []models.Reference{}
 	for _, r := range def.References {
 		refs = append(refs, models.Reference{
 			Link:   r.RefURL,
@@ -132,12 +140,28 @@ func (o Debian) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err

 	var relatedDefs ovalResult
 	if config.Conf.OvalDict.IsFetchViaHTTP() {
-		if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
-			return 0, err
+		if r.Family != config.Raspbian {
+			if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
+				return 0, err
+			}
+		} else {
+			// OVAL does not support Package for Raspbian, so skip it.
+			result := r.RemoveRaspbianPackFromResult()
+			if relatedDefs, err = getDefsByPackNameViaHTTP(&result); err != nil {
+				return 0, err
+			}
 		}
 	} else {
-		if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
-			return 0, err
+		if r.Family != config.Raspbian {
+			if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
+				return 0, err
+			}
+		} else {
+			// OVAL does not support Package for Raspbian, so skip it.
+			result := r.RemoveRaspbianPackFromResult()
+			if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, &result); err != nil {
+				return 0, err
+			}
 		}
 	}

@@ -187,7 +211,7 @@ func NewUbuntu() Ubuntu {

 // FillWithOval returns scan result after updating CVE info by OVAL
 func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
-	switch major(r.Release) {
+	switch util.Major(r.Release) {
 	case "14":
 		kernelNamesInOval := []string{
 			"linux-aws",
@@ -293,6 +317,34 @@ func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
 			"linux",
 		}
 		return o.fillWithOval(driver, r, kernelNamesInOval)
+	case "20":
+		kernelNamesInOval := []string{
+			"linux-aws",
+			"linux-azure",
+			"linux-gcp",
+			"linux-kvm",
+			"linux-meta",
+			"linux-meta-aws",
+			"linux-meta-azure",
+			"linux-meta-gcp",
+			"linux-meta-kvm",
+			"linux-meta-oem-5.6",
+			"linux-meta-oracle",
+			"linux-meta-raspi",
+			"linux-meta-riscv",
+			"linux-oem-5.6",
+			"linux-oracle",
+			"linux-raspi",
+			"linux-raspi2",
+			"linux-riscv",
+			"linux-signed",
+			"linux-signed-azure",
+			"linux-signed-gcp",
+			"linux-signed-oem-5.6",
+			"linux-signed-oracle",
+			"linux",
+		}
+		return o.fillWithOval(driver, r, kernelNamesInOval)
 	}
 	return 0, fmt.Errorf("Ubuntu %s is not support for now", r.Release)
 }
@@ -309,7 +361,7 @@ func (o Ubuntu) fillWithOval(driver db.DB, r *models.ScanResult, kernelNamesInOv
 		if v, ok := r.Packages[linuxImage]; ok {
 			runningKernelVersion = v.Version
 		} else {
-			util.Log.Warnf("Unable to detect vulns of running kernel because the version of the runnning kernel is unknown. server: %s",
+			util.Log.Warnf("Unable to detect vulns of running kernel because the version of the running kernel is unknown. server: %s",
 				r.ServerName)
 		}

@@ -337,13 +389,13 @@ func (o Ubuntu) fillWithOval(driver db.DB, r *models.ScanResult, kernelNamesInOv
 		}
 		for srcPackName, srcPack := range r.SrcPackages {
 			copiedSourcePkgs[srcPackName] = srcPack
-			targetBianryNames := []string{}
+			targetBinaryNames := []string{}
 			for _, n := range srcPack.BinaryNames {
 				if n == kernelPkgInOVAL || !strings.HasPrefix(n, "linux-") {
-					targetBianryNames = append(targetBianryNames, n)
+					targetBinaryNames = append(targetBinaryNames, n)
 				}
 			}
-			srcPack.BinaryNames = targetBianryNames
+			srcPack.BinaryNames = targetBinaryNames
 			r.SrcPackages[srcPackName] = srcPack
 		}

--- a/oval/debian_test.go
+++ b/oval/debian_test.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package oval

 import (
--- a/oval/empty.go
+++ b/oval/empty.go
@@ -0,0 +1 @@
+package oval
--- a/oval/oval.go
+++ b/oval/oval.go
@@ -1,9 +1,9 @@
+// +build !scanner
+
 package oval

 import (
 	"encoding/json"
-	"fmt"
-	"net/http"
 	"time"

 	cnf "github.com/future-architect/vuls/config"
@@ -16,7 +16,6 @@ import (

 // Client is the interface of OVAL client.
 type Client interface {
-	CheckHTTPHealth() error
 	FillWithOval(db.DB, *models.ScanResult) (int, error)

 	// CheckIfOvalFetched checks if oval entries are in DB by family, release.
@@ -29,25 +28,6 @@ type Base struct {
 	family string
 }

-// CheckHTTPHealth do health check
-func (b Base) CheckHTTPHealth() error {
-	if !cnf.Conf.OvalDict.IsFetchViaHTTP() {
-		return nil
-	}
-
-	url := fmt.Sprintf("%s/health", cnf.Conf.OvalDict.URL)
-	var errs []error
-	var resp *http.Response
-	resp, _, errs = gorequest.New().Get(url).End()
-	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
-	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-		return xerrors.Errorf("Failed to request to OVAL server. url: %s, errs: %w",
-			url, errs)
-	}
-	return nil
-}
-
 // CheckIfOvalFetched checks if oval entries are in DB by family, release.
 func (b Base) CheckIfOvalFetched(driver db.DB, osFamily, release string) (fetched bool, err error) {
 	if !cnf.Conf.OvalDict.IsFetchViaHTTP() {
@@ -59,13 +39,13 @@ func (b Base) CheckIfOvalFetched(driver db.DB, osFamily, release string) (fetche
 	}

 	url, _ := util.URLPathJoin(cnf.Conf.OvalDict.URL, "count", osFamily, release)
-	resp, body, errs := gorequest.New().Get(url).End()
+	resp, body, errs := gorequest.New().Timeout(10 * time.Second).Get(url).End()
 	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-		return false, xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)
+		return false, xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs)
 	}
 	count := 0
 	if err := json.Unmarshal([]byte(body), &count); err != nil {
-		return false, xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err)
+		return false, xerrors.Errorf("Failed to Unmarshal. body: %s, err: %w", body, err)
 	}
 	return 0 < count, nil
 }
@@ -77,13 +57,13 @@ func (b Base) CheckIfOvalFresh(driver db.DB, osFamily, release string) (ok bool,
 		lastModified = driver.GetLastModified(osFamily, release)
 	} else {
 		url, _ := util.URLPathJoin(cnf.Conf.OvalDict.URL, "lastmodified", osFamily, release)
-		resp, body, errs := gorequest.New().Get(url).End()
+		resp, body, errs := gorequest.New().Timeout(10 * time.Second).Get(url).End()
 		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-			return false, xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)
+			return false, xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs)
 		}

 		if err := json.Unmarshal([]byte(body), &lastModified); err != nil {
-			return false, xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err)
+			return false, xerrors.Errorf("Failed to Unmarshal. body: %s, err: %w", body, err)
 		}
 	}

--- a/oval/redhat.go
+++ b/oval/redhat.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package oval

 import (
@@ -100,7 +102,7 @@ func (o RedHatBase) update(r *models.ScanResult, defPacks defPacks) (nCVEs int)
 			cveContents := vinfo.CveContents
 			if v, ok := vinfo.CveContents[ctype]; ok {
 				if v.LastModified.After(ovalContent.LastModified) {
-					util.Log.Debugf("%s, OvalID: %d ignroed: ",
+					util.Log.Debugf("%s, OvalID: %d ignored: ",
 						cve.CveID, defPacks.def.ID)
 				} else {
 					util.Log.Debugf("%s OVAL will be overwritten", cve.CveID)
@@ -171,17 +173,15 @@ func (o RedHatBase) convertToModel(cveID string, def *ovalmodels.Definition) *mo
 		score2, vec2 := o.parseCvss2(cve.Cvss2)
 		score3, vec3 := o.parseCvss3(cve.Cvss3)

-		severity := def.Advisory.Severity
+		sev2, sev3, severity := "", "", def.Advisory.Severity
 		if cve.Impact != "" {
 			severity = cve.Impact
 		}
-
-		sev2, sev3 := "", ""
-		if score2 == 0 {
-			sev2 = severity
-		}
-		if score3 == 0 {
+		if severity != "None" {
 			sev3 = severity
+			if score2 != 0 {
+				sev2 = severity
+			}
 		}

 		// CWE-ID in RedHat OVAL may have multiple cweIDs separated by space
--- a/oval/redhat_test.go
+++ b/oval/redhat_test.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package oval

 import (
--- a/oval/suse.go
+++ b/oval/suse.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package oval

 import (
@@ -86,7 +88,7 @@ func (o SUSE) update(r *models.ScanResult, defPacks defPacks) {
 }

 func (o SUSE) convertToModel(def *ovalmodels.Definition) *models.CveContent {
-	var refs []models.Reference
+	refs := []models.Reference{}
 	for _, r := range def.References {
 		refs = append(refs, models.Reference{
 			Link:   r.RefURL,
--- a/oval/util.go
+++ b/oval/util.go
@@ -1,10 +1,11 @@
+// +build !scanner
+
 package oval

 import (
 	"encoding/json"
 	"net/http"
 	"regexp"
-	"strings"
 	"time"

 	"github.com/cenkalti/backoff"
@@ -76,6 +77,7 @@ type request struct {
 	arch              string
 	binaryPackNames   []string
 	isSrcPack         bool
+	modularityLabel   string // RHEL 8 or later only
 }

 type response struct {
@@ -145,7 +147,7 @@ func getDefsByPackNameViaHTTP(r *models.ScanResult) (
 		select {
 		case res := <-resChan:
 			for _, def := range res.defs {
-				affected, notFixedYet, fixedIn := isOvalDefAffected(def, res.request, r.Family, r.RunningKernel)
+				affected, notFixedYet, fixedIn := isOvalDefAffected(def, res.request, r.Family, r.RunningKernel, r.EnabledDnfModules)
 				if !affected {
 					continue
 				}
@@ -187,13 +189,13 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er
 	count, retryMax := 0, 3
 	f := func() (err error) {
 		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-		resp, body, errs = gorequest.New().Get(url).End()
+		resp, body, errs = gorequest.New().Timeout(10 * time.Second).Get(url).End()
 		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
 			count++
 			if count == retryMax {
 				return nil
 			}
-			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)
+			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %s", url, resp, errs)
 		}
 		return nil
 	}
@@ -212,7 +214,7 @@ func httpGet(url string, req request, resChan chan<- response, errChan chan<- er

 	defs := []ovalmodels.Definition{}
 	if err := json.Unmarshal([]byte(body), &defs); err != nil {
-		errChan <- xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err)
+		errChan <- xerrors.Errorf("Failed to Unmarshal. body: %s, err: %w", body, err)
 		return
 	}
 	resChan <- response{
@@ -248,7 +250,7 @@ func getDefsByPackNameFromOvalDB(driver db.DB, r *models.ScanResult) (relatedDef
 			return relatedDefs, xerrors.Errorf("Failed to get %s OVAL info by package: %#v, err: %w", r.Family, req, err)
 		}
 		for _, def := range definitions {
-			affected, notFixedYet, fixedIn := isOvalDefAffected(def, req, r.Family, r.RunningKernel)
+			affected, notFixedYet, fixedIn := isOvalDefAffected(def, req, r.Family, r.RunningKernel, r.EnabledDnfModules)
 			if !affected {
 				continue
 			}
@@ -275,29 +277,33 @@ func getDefsByPackNameFromOvalDB(driver db.DB, r *models.ScanResult) (relatedDef
 	return
 }

-func major(version string) string {
-	ss := strings.SplitN(version, ":", 2)
-	ver := ""
-	if len(ss) == 1 {
-		ver = ss[0]
-	} else {
-		ver = ss[1]
-	}
-	return ver[0:strings.Index(ver, ".")]
-}
-
-func isOvalDefAffected(def ovalmodels.Definition, req request, family string, running models.Kernel) (affected, notFixedYet bool, fixedIn string) {
+func isOvalDefAffected(def ovalmodels.Definition, req request, family string, running models.Kernel, enabledMods []string) (affected, notFixedYet bool, fixedIn string) {
 	for _, ovalPack := range def.AffectedPacks {
 		if req.packName != ovalPack.Name {
 			continue
 		}

+		isModularityLabelEmptyOrSame := false
+		if ovalPack.ModularityLabel != "" {
+			for _, mod := range enabledMods {
+				if mod == ovalPack.ModularityLabel {
+					isModularityLabelEmptyOrSame = true
+					break
+				}
+			}
+		} else {
+			isModularityLabelEmptyOrSame = true
+		}
+		if !isModularityLabelEmptyOrSame {
+			continue
+		}
+
 		if running.Release != "" {
 			switch family {
 			case config.RedHat, config.CentOS:
 				// For kernel related packages, ignore OVAL information with different major versions
 				if _, ok := kernelRelatedPackNames[ovalPack.Name]; ok {
-					if major(ovalPack.Version) != major(running.Release) {
+					if util.Major(ovalPack.Version) != util.Major(running.Release) {
 						continue
 					}
 				}
@@ -327,13 +333,14 @@ func isOvalDefAffected(def ovalmodels.Definition, req request, family string, ru
 				config.Amazon,
 				config.SUSEEnterpriseServer,
 				config.Debian,
-				config.Ubuntu:
+				config.Ubuntu,
+				config.Raspbian:
 				// Use fixed state in OVAL for these distros.
 				return true, false, ovalPack.Version
 			}

 			// But CentOS can't judge whether fixed or unfixed.
-			// Because fixed state in RHEL's OVAL is different.
+			// Because fixed state in RHEL OVAL is different.
 			// So, it have to be judged version comparison.

 			// `offline` or `fast` scan mode can't get a updatable version.
@@ -356,13 +363,11 @@ func isOvalDefAffected(def ovalmodels.Definition, req request, family string, ru
 	return false, false, ""
 }

-var centosVerPattern = regexp.MustCompile(`\.[es]l(\d+)(?:_\d+)?(?:\.centos)?`)
-var esVerPattern = regexp.MustCompile(`\.el(\d+)(?:_\d+)?`)
-
 func lessThan(family, newVer string, packInOVAL ovalmodels.Package) (bool, error) {
 	switch family {
 	case config.Debian,
-		config.Ubuntu:
+		config.Ubuntu,
+		config.Raspbian:
 		vera, err := debver.NewVersion(newVer)
 		if err != nil {
 			return false, err
@@ -393,8 +398,8 @@ func lessThan(family, newVer string, packInOVAL ovalmodels.Package) (bool, error

 	case config.RedHat,
 		config.CentOS:
-		vera := rpmver.NewVersion(centosVerPattern.ReplaceAllString(newVer, ".el$1"))
-		verb := rpmver.NewVersion(esVerPattern.ReplaceAllString(packInOVAL.Version, ".el$1"))
+		vera := rpmver.NewVersion(centOSVersionToRHEL(newVer))
+		verb := rpmver.NewVersion(centOSVersionToRHEL(packInOVAL.Version))
 		return vera.LessThan(verb), nil

 	default:
@@ -402,3 +407,9 @@ func lessThan(family, newVer string, packInOVAL ovalmodels.Package) (bool, error
 	}
 	return false, xerrors.Errorf("Package version comparison not supported: %s", family)
 }
+
+var centosVerPattern = regexp.MustCompile(`\.[es]l(\d+)(?:_\d+)?(?:\.centos)?`)
+
+func centOSVersionToRHEL(ver string) string {
+	return centosVerPattern.ReplaceAllString(ver, ".el$1")
+}
--- a/oval/util_test.go
+++ b/oval/util_test.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package oval

 import (
@@ -16,7 +18,7 @@ func TestUpsert(t *testing.T) {
 		def      ovalmodels.Definition
 		packName string
 		fixStat  fixStat
-		upserted bool
+		upsert   bool
 		out      ovalResult
 	}{
 		//insert
@@ -30,7 +32,7 @@ func TestUpsert(t *testing.T) {
 				notFixedYet: true,
 				fixedIn:     "1.0.0",
 			},
-			upserted: false,
+			upsert: false,
 			out: ovalResult{
 				[]defPacks{
 					{
@@ -83,7 +85,7 @@ func TestUpsert(t *testing.T) {
 				notFixedYet: false,
 				fixedIn:     "3.0.0",
 			},
-			upserted: true,
+			upsert: true,
 			out: ovalResult{
 				[]defPacks{
 					{
@@ -117,9 +119,9 @@ func TestUpsert(t *testing.T) {
 		},
 	}
 	for i, tt := range tests {
-		upserted := tt.res.upsert(tt.def, tt.packName, tt.fixStat)
-		if tt.upserted != upserted {
-			t.Errorf("[%d]\nexpected: %t\n  actual: %t\n", i, tt.upserted, upserted)
+		upsert := tt.res.upsert(tt.def, tt.packName, tt.fixStat)
+		if tt.upsert != upsert {
+			t.Errorf("[%d]\nexpected: %t\n  actual: %t\n", i, tt.upsert, upsert)
 		}
 		if !reflect.DeepEqual(tt.out, tt.res) {
 			t.Errorf("[%d]\nexpected: %v\n  actual: %v\n", i, tt.out, tt.res)
@@ -200,6 +202,7 @@ func TestIsOvalDefAffected(t *testing.T) {
 		req    request
 		family string
 		kernel models.Kernel
+		mods   []string
 	}
 	var tests = []struct {
 		in          in
@@ -1074,9 +1077,85 @@ func TestIsOvalDefAffected(t *testing.T) {
 			notFixedYet: false,
 			fixedIn:     "3.1.0",
 		},
+		// dnf module
+		{
+			in: in{
+				family: config.RedHat,
+				def: ovalmodels.Definition{
+					AffectedPacks: []ovalmodels.Package{
+						{
+							Name:            "nginx",
+							Version:         "1.16.1-1.module+el8.3.0+8844+e5e7039f.1",
+							NotFixedYet:     false,
+							ModularityLabel: "nginx:1.16",
+						},
+					},
+				},
+				req: request{
+					packName:       "nginx",
+					versionRelease: "1.16.0-1.module+el8.3.0+8844+e5e7039f.1",
+				},
+				mods: []string{
+					"nginx:1.16",
+				},
+			},
+			affected:    true,
+			notFixedYet: false,
+			fixedIn:     "1.16.1-1.module+el8.3.0+8844+e5e7039f.1",
+		},
+		// dnf module 2
+		{
+			in: in{
+				family: config.RedHat,
+				def: ovalmodels.Definition{
+					AffectedPacks: []ovalmodels.Package{
+						{
+							Name:            "nginx",
+							Version:         "1.16.1-1.module+el8.3.0+8844+e5e7039f.1",
+							NotFixedYet:     false,
+							ModularityLabel: "nginx:1.16",
+						},
+					},
+				},
+				req: request{
+					packName:       "nginx",
+					versionRelease: "1.16.2-1.module+el8.3.0+8844+e5e7039f.1",
+				},
+				mods: []string{
+					"nginx:1.16",
+				},
+			},
+			affected:    false,
+			notFixedYet: false,
+		},
+		// dnf module 3
+		{
+			in: in{
+				family: config.RedHat,
+				def: ovalmodels.Definition{
+					AffectedPacks: []ovalmodels.Package{
+						{
+							Name:            "nginx",
+							Version:         "1.16.1-1.module+el8.3.0+8844+e5e7039f.1",
+							NotFixedYet:     false,
+							ModularityLabel: "nginx:1.16",
+						},
+					},
+				},
+				req: request{
+					packName:       "nginx",
+					versionRelease: "1.16.0-1.module+el8.3.0+8844+e5e7039f.1",
+				},
+				mods: []string{
+					"nginx:1.14",
+				},
+			},
+			affected:    false,
+			notFixedYet: false,
+		},
 	}
 	for i, tt := range tests {
-		affected, notFixedYet, fixedIn := isOvalDefAffected(tt.in.def, tt.in.req, tt.in.family, tt.in.kernel)
+		affected, notFixedYet, fixedIn := isOvalDefAffected(tt.in.def, tt.in.req, tt.in.family, tt.in.kernel, tt.in.mods)
 		if tt.affected != affected {
 			t.Errorf("[%d] affected\nexpected: %v\n  actual: %v\n", i, tt.affected, affected)
 		}
@@ -1089,24 +1168,116 @@ func TestIsOvalDefAffected(t *testing.T) {
 	}
 }

-func TestMajor(t *testing.T) {
-	var tests = []struct {
-		in       string
-		expected string
+func Test_centOSVersionToRHEL(t *testing.T) {
+	type args struct {
+		ver string
+	}
+	tests := []struct {
+		name string
+		args args
+		want string
 	}{
 		{
-			in:       "4.1",
-			expected: "4",
+			name: "remove centos.",
+			args: args{
+				ver: "grub2-tools-2.02-0.80.el7.centos.x86_64",
+			},
+			want: "grub2-tools-2.02-0.80.el7.x86_64",
 		},
 		{
-			in:       "0:4.1",
-			expected: "4",
+			name: "noop",
+			args: args{
+				ver: "grub2-tools-2.02-0.80.el7.x86_64",
+			},
+			want: "grub2-tools-2.02-0.80.el7.x86_64",
+		},
+		{
+			name: "remove minor",
+			args: args{
+				ver: "sudo-1.8.23-10.el7_9.1",
+			},
+			want: "sudo-1.8.23-10.el7.1",
 		},
 	}
-	for i, tt := range tests {
-		a := major(tt.in)
-		if tt.expected != a {
-			t.Errorf("[%d]\nexpected: %s\n  actual: %s\n", i, tt.expected, a)
-		}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := centOSVersionToRHEL(tt.args.ver); got != tt.want {
+				t.Errorf("centOSVersionToRHEL() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func Test_lessThan(t *testing.T) {
+	type args struct {
+		family        string
+		newVer        string
+		AffectedPacks ovalmodels.Package
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{
+			name: "newVer and ovalmodels.Package both have underscoreMinorversion.",
+			args: args{
+				family: "centos",
+				newVer: "1.8.23-10.el7_9.1",
+				AffectedPacks: ovalmodels.Package{
+					Name:        "sudo",
+					Version:     "1.8.23-10.el7_9.1",
+					NotFixedYet: false,
+				},
+			},
+			want: false,
+		},
+		{
+			name: "only newVer has underscoreMinorversion.",
+			args: args{
+				family: "centos",
+				newVer: "1.8.23-10.el7_9.1",
+				AffectedPacks: ovalmodels.Package{
+					Name:        "sudo",
+					Version:     "1.8.23-10.el7.1",
+					NotFixedYet: false,
+				},
+			},
+			want: false,
+		},
+		{
+			name: "only ovalmodels.Package has underscoreMinorversion.",
+			args: args{
+				family: "centos",
+				newVer: "1.8.23-10.el7.1",
+				AffectedPacks: ovalmodels.Package{
+					Name:        "sudo",
+					Version:     "1.8.23-10.el7_9.1",
+					NotFixedYet: false,
+				},
+			},
+			want: false,
+		},
+		{
+			name: "neither newVer nor ovalmodels.Package have underscoreMinorversion.",
+			args: args{
+				family: "centos",
+				newVer: "1.8.23-10.el7.1",
+				AffectedPacks: ovalmodels.Package{
+					Name:        "sudo",
+					Version:     "1.8.23-10.el7.1",
+					NotFixedYet: false,
+				},
+			},
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, _ := lessThan(tt.args.family, tt.args.newVer, tt.args.AffectedPacks)
+			if got != tt.want {
+				t.Errorf("lessThan() = %t, want %t", got, tt.want)
+			}
+		})
 	}
 }
--- a/report/azureblob.go
+++ b/report/azureblob.go
@@ -3,7 +3,6 @@ package report
 import (
 	"bytes"
 	"encoding/json"
-	"encoding/xml"
 	"fmt"
 	"time"

@@ -66,18 +65,6 @@ func (w AzureBlobWriter) Write(rs ...models.ScanResult) (err error) {
 				return err
 			}
 		}
-
-		if c.Conf.FormatXML {
-			k := key + ".xml"
-			var b []byte
-			if b, err = xml.Marshal(r); err != nil {
-				return xerrors.Errorf("Failed to Marshal to XML: %w", err)
-			}
-			allBytes := bytes.Join([][]byte{[]byte(xml.Header + vulsOpenTag), b, []byte(vulsCloseTag)}, []byte{})
-			if err := createBlockBlob(cli, k, allBytes); err != nil {
-				return err
-			}
-		}
 	}
 	return
 }
--- a/report/chatwork.go
+++ b/report/chatwork.go
@@ -1,14 +1,17 @@
 package report

 import (
+	"context"
 	"fmt"
 	"net/http"
 	"net/url"
 	"strconv"
 	"strings"
+	"time"

 	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
 )

 // ChatWorkWriter send report to ChatWork
@@ -48,26 +51,25 @@ func (w ChatWorkWriter) Write(rs ...models.ScanResult) (err error) {

 func chatWorkpostMessage(room, token, message string) error {
 	uri := fmt.Sprintf("https://api.chatwork.com/v2/rooms/%s/messages=%s", room, token)
+	payload := url.Values{"body": {message}}

-	payload := url.Values{
-		"body": {message},
-	}
-
-	reqs, err := http.NewRequest("POST", uri, strings.NewReader(payload.Encode()))
-
-	reqs.Header.Add("X-ChatWorkToken", token)
-	reqs.Header.Add("Content-Type", "application/x-www-form-urlencoded")
-
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, uri, strings.NewReader(payload.Encode()))
+	defer cancel()
 	if err != nil {
 		return err
 	}
-	client := &http.Client{}
+	req.Header.Add("X-ChatWorkToken", token)
+	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

-	resp, err := client.Do(reqs)
+	client, err := util.GetHTTPClient(config.Conf.HTTPProxy)
+	if err != nil {
+		return err
+	}
+	resp, err := client.Do(req)
 	if err != nil {
 		return err
 	}
 	defer resp.Body.Close()
-
 	return nil
 }
--- a/report/cve_client.go
+++ b/report/cve_client.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package report

 import (
@@ -16,7 +18,7 @@ import (
 	cvemodels "github.com/kotakanbe/go-cve-dictionary/models"
 )

-// CveClient is api client of CVE disctionary service.
+// CveClient is api client of CVE dictionary service.
 var CveClient cvedictClient

 type cvedictClient struct {
@@ -24,29 +26,6 @@ type cvedictClient struct {
 	baseURL string
 }

-func (api *cvedictClient) initialize() {
-	api.baseURL = config.Conf.CveDict.URL
-}
-
-func (api cvedictClient) CheckHealth() error {
-	if !config.Conf.CveDict.IsFetchViaHTTP() {
-		util.Log.Debugf("get cve-dictionary from %s", config.Conf.CveDict.Type)
-		return nil
-	}
-
-	api.initialize()
-	url := fmt.Sprintf("%s/health", api.baseURL)
-	var errs []error
-	var resp *http.Response
-	resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
-	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-		return xerrors.Errorf("Failed to request to CVE server. url: %s, errs: %w",
-			url, errs)
-	}
-	return nil
-}
-
 type response struct {
 	Key       string
 	CveDetail cvemodels.CveDetail
@@ -135,9 +114,9 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh
 	var resp *http.Response
 	f := func() (err error) {
 		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-		resp, body, errs = gorequest.New().Get(url).End()
+		resp, body, errs = gorequest.New().Timeout(10 * time.Second).Get(url).End()
 		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-			return xerrors.Errorf("HTTP GET Error, url: %s, resp: %v, err: %w",
+			return xerrors.Errorf("HTTP GET Error, url: %s, resp: %v, err: %s",
 				url, resp, errs)
 		}
 		return nil
@@ -153,7 +132,7 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh
 	}
 	cveDetail := cvemodels.CveDetail{}
 	if err := json.Unmarshal([]byte(body), &cveDetail); err != nil {
-		errChan <- xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err)
+		errChan <- xerrors.Errorf("Failed to Unmarshal. body: %s, err: %w", body, err)
 		return
 	}
 	resChan <- response{
@@ -183,13 +162,13 @@ func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]c
 	var resp *http.Response
 	f := func() (err error) {
 		//  req := gorequest.New().SetDebug(config.Conf.Debug).Post(url)
-		req := gorequest.New().Post(url)
+		req := gorequest.New().Timeout(10 * time.Second).Post(url)
 		for key := range query {
 			req = req.Send(fmt.Sprintf("%s=%s", key, query[key])).Type("json")
 		}
 		resp, body, errs = req.End()
 		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-			return xerrors.Errorf("HTTP POST error. url: %s, resp: %v, err: %w", url, resp, errs)
+			return xerrors.Errorf("HTTP POST error. url: %s, resp: %v, err: %s", url, resp, errs)
 		}
 		return nil
 	}
@@ -204,7 +183,7 @@ func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]c
 	cveDetails := []cvemodels.CveDetail{}
 	if err := json.Unmarshal([]byte(body), &cveDetails); err != nil {
 		return nil,
-			xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err)
+			xerrors.Errorf("Failed to Unmarshal. body: %s, err: %w", body, err)
 	}
 	return cveDetails, nil
 }
--- a/report/db_client.go
+++ b/report/db_client.go
@@ -1,3 +1,5 @@
+// +build !scanner
+
 package report

 import (
@@ -8,25 +10,28 @@ import (
 	gostdb "github.com/knqyf263/gost/db"
 	cvedb "github.com/kotakanbe/go-cve-dictionary/db"
 	ovaldb "github.com/kotakanbe/goval-dictionary/db"
-	exploitdb "github.com/mozqnet/go-exploitdb/db"
+	metasploitdb "github.com/takuzoo3868/go-msfdb/db"
+	exploitdb "github.com/vulsio/go-exploitdb/db"
 	"golang.org/x/xerrors"
 )

-// DBClient is a dictionarie's db client for reporting
+// DBClient is DB client for reporting
 type DBClient struct {
-	CveDB     cvedb.DB
-	OvalDB    ovaldb.DB
-	GostDB    gostdb.DB
-	ExploitDB exploitdb.DB
+	CveDB        cvedb.DB
+	OvalDB       ovaldb.DB
+	GostDB       gostdb.DB
+	ExploitDB    exploitdb.DB
+	MetasploitDB metasploitdb.DB
 }

 // DBClientConf has a configuration of Vulnerability DBs
 type DBClientConf struct {
-	CveDictCnf  config.GoCveDictConf
-	OvalDictCnf config.GovalDictConf
-	GostCnf     config.GostConf
-	ExploitCnf  config.ExploitConf
-	DebugSQL    bool
+	CveDictCnf    config.GoCveDictConf
+	OvalDictCnf   config.GovalDictConf
+	GostCnf       config.GostConf
+	ExploitCnf    config.ExploitConf
+	MetasploitCnf config.MetasploitConf
+	DebugSQL      bool
 }

 // NewDBClient returns db clients
@@ -66,11 +71,21 @@ func NewDBClient(cnf DBClientConf) (dbclient *DBClient, locked bool, err error)
 			cnf.ExploitCnf.SQLite3Path, err)
 	}

+	metasploitdb, locked, err := NewMetasploitDB(cnf)
+	if locked {
+		return nil, true, xerrors.Errorf("metasploitDB is locked: %s",
+			cnf.MetasploitCnf.SQLite3Path)
+	} else if err != nil {
+		util.Log.Warnf("Unable to use metasploitDB: %s, err: %s",
+			cnf.MetasploitCnf.SQLite3Path, err)
+	}
+
 	return &DBClient{
-		CveDB:     cveDriver,
-		OvalDB:    ovaldb,
-		GostDB:    gostdb,
-		ExploitDB: exploitdb,
+		CveDB:        cveDriver,
+		OvalDB:       ovaldb,
+		GostDB:       gostdb,
+		ExploitDB:    exploitdb,
+		MetasploitDB: metasploitdb,
 	}, false, nil
 }

@@ -161,7 +176,7 @@ func NewExploitDB(cnf DBClientConf) (driver exploitdb.DB, locked bool, err error
 		path = cnf.ExploitCnf.SQLite3Path

 		if _, err := os.Stat(path); os.IsNotExist(err) {
-			util.Log.Warnf("--exploitdb-path=%s file not found. Fetch go-exploit-db before reporting if you want to display exploit codes of detected CVE-IDs. For details, see `https://github.com/mozqnet/go-exploitdb`", path)
+			util.Log.Warnf("--exploitdb-path=%s file not found. Fetch go-exploit-db before reporting if you want to display exploit codes of detected CVE-IDs. For details, see `https://github.com/vulsio/go-exploitdb`", path)
 			return nil, false, nil
 		}
 	}
@@ -177,6 +192,32 @@ func NewExploitDB(cnf DBClientConf) (driver exploitdb.DB, locked bool, err error
 	return driver, false, nil
 }

+// NewMetasploitDB returns db client for Metasploit
+func NewMetasploitDB(cnf DBClientConf) (driver metasploitdb.DB, locked bool, err error) {
+	if config.Conf.Metasploit.IsFetchViaHTTP() {
+		return nil, false, nil
+	}
+	path := cnf.MetasploitCnf.URL
+	if cnf.MetasploitCnf.Type == "sqlite3" {
+		path = cnf.MetasploitCnf.SQLite3Path
+
+		if _, err := os.Stat(path); os.IsNotExist(err) {
+			util.Log.Warnf("--msfdb-path=%s file not found. Fetch go-msfdb before reporting if you want to display metasploit modules of detected CVE-IDs. For details, see `https://github.com/takuzoo3868/go-msfdb`", path)
+			return nil, false, nil
+		}
+	}
+
+	util.Log.Debugf("Open metasploit db (%s): %s", cnf.MetasploitCnf.Type, path)
+	if driver, locked, err = metasploitdb.NewDB(cnf.MetasploitCnf.Type, path, cnf.DebugSQL, false); err != nil {
+		if locked {
+			util.Log.Errorf("metasploitDB is locked. err: %+v", err)
+			return nil, true, err
+		}
+		return nil, false, err
+	}
+	return driver, false, nil
+}
+
 // CloseDB close dbs
 func (d DBClient) CloseDB() {
 	if d.CveDB != nil {
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Richard Alloway	aeaf308679	Add test-case to verify proper version comparison in lessThan() (#1178 ) * Add test-case to verify proper version comparison when either/both/neither of newVer and ovalmodels.Package contain "_<minor version>" * Rename vera to newVer in Test_lessThan() * Fix oval/util_test.go formatting (make fmt) Co-authored-by: Richard Alloway (OpenLogic) <ralloway@perforce.com>	2021-02-14 05:30:07 +09:00
Kota Kanbe	f5e47bea40	chore: add a test-case to #1176 (#1177 )	2021-02-12 13:46:29 +09:00
Richard Alloway	50cf13a7f2	Pass packInOVAL.Version through centOSVersionToRHEL() to remove the "_<point release>" portion so that packInOVAL.Version strings like 1.8.23-10.el7_9.1 become 1.8.23-10.el7.1 (same behavior as newVer, which now allows packInOVAL.Version and newVer to be directly compared). (#1176 ) Co-authored-by: Richard Alloway (OpenLogic) <ralloway@perforce.com>	2021-02-12 13:33:36 +09:00
Kota Kanbe	abd8041772	fix(scan): yum ps warning for Red Hat family (#1174 ) * fix(yumps): no debug message for known patterns * refactor(scan): yum-ps * refacotr(scan): pkgPs	2021-02-12 13:03:06 +09:00
Kota Kanbe	847c6438e7	chore: fix debug message (#1169 )	2021-02-11 06:31:51 +09:00
Kota Kanbe	ef8309df27	chore: remove the heck binary (#1173 )	2021-02-11 06:31:32 +09:00
sadayuki-matsuno	0dff6cf983	fix(gost/microsoft) add workaround into mitigation (#1170 ) * fix(gost/microsoft) add workaround into mitigation * fix(gost/microsoft) fix typo and delete workaround field from vulninfo	2021-02-10 19:37:28 +09:00
kazuminn	4c04acbd9e	feat(report) : Differences between vulnerability patched items (#1157 ) * add plusDiff() and minusDiff() * add plusDiff minusDiff test Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2021-02-10 06:55:48 +09:00
Kota Kanbe	1c4f231572	fix(scan): ignore `rpm -qf` exit status (#1168 )	2021-02-09 17:26:12 +09:00
Kota Kanbe	51b8e169d2	fix(scan): warning if lsof command not found (#1167 )	2021-02-07 07:28:45 +09:00
Kota Kanbe	b4611ae9b7	fix(scan): fix yum-ps warning `Failed to exec which -bash` (#1166 )	2021-02-07 07:23:12 +09:00
Kota Kanbe	cd6722017b	fix(scan): yum-ps err `Failed to find the package` (#1165 )	2021-02-06 08:42:06 +09:00
Kota Kanbe	290edffccf	fix(log): output version to log for debugging purpose (#1163 )	2021-02-04 07:47:56 +09:00
Kota Kanbe	64a6222bf9	fix(report): set created_at and updated_at of trivy to json (#1162 )	2021-02-03 17:52:44 +09:00
Kota Kanbe	adb686b7c9	fix(report): set created_at and updated_at of wpscan.com to json (#1161 )	2021-02-03 16:41:44 +09:00
Kota Kanbe	d4af341b0f	fix(report): remove duplicated refreshing logic when report with -diff (#1160 )	2021-02-03 07:37:19 +09:00
Kota Kanbe	fea7e93c8d	chore: fix comment (#1158 )	2021-02-02 06:06:49 +09:00
sadayuki-matsuno	8b6b8d0f2e	feat(wordpress): define API limit exceed error for wpscan.com (#1155 ) * feat(wordpress) specify wp err * fix typo, chagne const name Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2021-01-30 09:53:41 +09:00
Kota Kanbe	4dcbd865cc	fix(report): set http timeout 10 sec (#1154 ) * fix(report): set http timeout 10 sec * fix: add an error handling	2021-01-30 09:40:33 +09:00
Kota Kanbe	39b19444fe	Merge branch 'master' of github.com:future-architect/vuls	2021-01-28 16:24:14 +09:00
Kota Kanbe	644d5a5462	fix(report): remove retry logic for wpscan.com (#1151 ) * fix(saas) change saas upload s3 key (#1116) * fix(report): remove retry logic for wpscan.com Co-authored-by: sadayuki-matsuno <sadayuki.matsuno@gmail.com>	2021-01-28 16:21:33 +09:00
Kota Kanbe	8e18451e3f	Merge branch 'master' of github.com:future-architect/vuls	2021-01-28 08:24:23 +09:00
Kota Kanbe	3dbdd01f97	fix(report): wordrpess scanning skipped when package is emtpy (#1150 )	2021-01-28 08:24:03 +09:00
sadayuki-matsuno	a89079c005	fix(saas) change saas upload s3 key (#1116 )	2021-01-28 08:20:13 +09:00
sadayuki-matsuno	a8c0926b4f	fix(saas) change saas upload s3 key (#1116 )	2021-01-27 14:43:09 +09:00
Kota Kanbe	dd2959a31b	fix(eol): add eol for alpine 3.13 (#1149 )	2021-01-27 12:52:07 +09:00
Kota Kanbe	51099f42c3	fix(tui): runtime panic when tui with docker-base-setup (#1148 ) * fix(tui): runtime panic when tui with docker-base-setup * pass test case	2021-01-26 09:40:26 +09:00
Kota Kanbe	63f170cc7a	fix(report): set severity in Red Hat OVAL to both CVSS v3 and v2 #1146 (#1147 )	2021-01-26 07:58:59 +09:00
Kota Kanbe	3c1489e588	feat(report): range notion calc by severity when no-cvss-score (#1145 )	2021-01-25 13:22:55 +09:00
Kota Kanbe	e4f1e03f62	feat(github): display GitHub Security Advisory details (#1143 )	2021-01-24 09:15:04 +09:00
Kota Kanbe	83d48ec990	Create codeql-analysis.yml	2021-01-24 09:06:13 +09:00
Kota Kanbe	b20d2b2684	fix(scan): skip wordpress scan for preudo servers (#1142 )	2021-01-21 07:11:55 +09:00
Kota Kanbe	2b918c70ae	fix(scan): config dump nocolor in debug mode. (#1141 )	2021-01-21 06:38:37 +09:00
Kota Kanbe	1100c133ba	feat(config): Default values for WordPress scanning to be set in config.toml (#1140 ) * chore: update go mod * fix(wordpress): set default if defined in config.toml	2021-01-21 06:22:25 +09:00
Kota Kanbe	88899f0e89	refactor: around CheckHTTPHealth (#1139 )	2021-01-20 07:41:29 +09:00
Kota Kanbe	59dc0059bc	fix(model): omit changelog from json if empty (#1137 )	2021-01-19 09:01:35 +09:00
Kota Kanbe	986fb304c0	fix(scan): add --nogpgcheck to dnf mod list to avoid `Error: Cache-only enabled but no cache for ***` (#1136 )	2021-01-19 08:05:20 +09:00
Kota Kanbe	d6435d2885	fix(xml): remove -format-xml #1068 (#1134 )	2021-01-18 04:38:00 +09:00
shopper	affb456499	fix(email.go):Fix runtime error(invalid memory address) (#1133 )	2021-01-18 04:08:14 +09:00
Kota Kanbe	705ed0a0ac	fix(discover): change config.toml template (#1132 )	2021-01-16 07:58:46 +09:00
Kota Kanbe	dfffe5b508	fix(config): err occurs when host not set in local-scan-mode (#1129 ) If host is not set in local scan mode, an error occurs.	2021-01-14 09:22:04 +09:00
Shigechika AIKAWA	fca102edba	fix dnf prompt and ssh user (#1126 )	2021-01-14 08:22:06 +09:00
Kota Kanbe	554b6345a2	chore: go mod update (#1127 )	2021-01-14 08:12:47 +09:00
Kota Kanbe	aa954dc84c	fix(scan): kindness msg when no-cache err on dnf mod list (#1128 )	2021-01-14 08:12:35 +09:00
Kota Kanbe	b5506a1368	chore: go mod update (#1125 )	2021-01-13 11:56:35 +09:00
Kota Kanbe	0b55f94828	Improve implementation around config (#1122 ) * refactor config * fix saas config * feat(config): scanmodule for each server in config.toml * feat(config): enable to specify containersOnly in config.toml * add new keys of config.toml to discover.go * fix summary output, logging	2021-01-13 08:46:27 +09:00
Kota Kanbe	a67052f48c	fix(scan): err detecting EOL for alpine Linux (#1124 )	2021-01-12 20:10:22 +09:00
Kota Kanbe	6eff6a9329	feat(report): display EOL information to scan summary (#1120 ) * feat(report): display EOL information to scan summary * detect Amazon linux EOL	2021-01-09 07:58:55 +09:00
Kota Kanbe	69d32d4511	feat(report): add a err code to wpscan.com API error (#1119 )	2021-01-07 14:57:49 +09:00
Kota Kanbe	d7a613b710	chore: go mod update (#1118 )	2021-01-07 08:02:29 +09:00
sadayuki-matsuno	669c019287	fix(cvecontent) Fixed not to split empty string (#1117 )	2021-01-06 15:52:55 +09:00
Shigechika AIKAWA	fcc4901a10	fix(scan): Failed to parse CentOS Stream (#1098 )	2021-01-06 14:57:19 +09:00
Kota Kanbe	4359503484	fix(redhat): possibility of false positives on RHEL (#1115 )	2021-01-06 13:33:08 +09:00
Kota Kanbe	b13f93a2d3	feat(scan): support dnf modules (#1114 ) * feat(scan): support dnf modules * change dnf module list --installed to --enabled * chore: refactor * feat(report): detect logic for dnf modularity label * fix func name * chore: update go mods	2021-01-06 11:36:41 +09:00
Kota Kanbe	8405e0fad6	refactor(gost): Duplicate code into function (#1110 ) * refactor(gost): Duplicate code into function * fix	2020-12-30 08:33:30 +09:00
Kota Kanbe	aceb3f1826	fix(scan): add an error case for `rpm -qa` (#1109 )	2020-12-30 08:05:14 +09:00
Kota Kanbe	a206675f3e	fix(wordpress): remove cache because not permitted. (#1107 )	2020-12-29 07:25:58 +09:00
Kota Kanbe	f4253d74ae	fix(wordpress): wpscan.com unmarshal error (#1106 ) * refactor(report): remove Integration.apply * add an err check * fix(wordpress): wpscan.com unmarshal error * fix warnings	2020-12-29 07:11:04 +09:00
Kota Kanbe	aaea15e516	refactor(report): remove Integration.apply (#1105 ) * refactor(report): remove Integration.apply * add an err check	2020-12-29 06:59:48 +09:00
Kota Kanbe	83d1f80959	chore(report): remove stride and hipchat support (#1104 )	2020-12-26 08:52:45 +09:00
Kota Kanbe	a33cff8f13	fix(reprot): use SQLite3 in current dir if not specified (#1103 )	2020-12-26 08:24:17 +09:00
Kota Kanbe	8679759f60	chore: fix typo (#1102 )	2020-12-26 08:23:02 +09:00
Kota Kanbe	53deaee3d7	refactor(config): remove DependencyCheckXMLPath in config.toml (#1100 )	2020-12-25 06:38:00 +09:00
Kota Kanbe	5a14a58fe4	refactor(nvdxml): Remove codes related to NVD xml(deprecated) (#1099 )	2020-12-25 06:16:14 +09:00
Kota Kanbe	fb1fbf8f95	feat(report): Add NVD as a source for mitigations, primarySrc URL and Patch URL (#1097 ) * feat(report): Add NVD as a src for mitigations. * feat(report): display "Vendor Advisory" URL in NVD * feat(report): display patch urls in report, tui	2020-12-24 08:37:10 +09:00
Kota Kanbe	cfbf779f9b	feat(exploit): add exploit link in NVD as a source (#1096 ) Added Refs information with NVD's Expoit tag as an information source for Exploit.	2020-12-16 07:10:18 +09:00
Kota Kanbe	d576b6c6c1	refactor(report): around FillCveInfo (#1095 ) * refactor(report): around FillCveInfo * refacotr(report): around FillCveInfo	2020-12-15 15:48:23 +09:00
Kota Kanbe	514eb71482	fix(server): make config loading same as scan (#1091 ) * fix(server): make config loading same as scan * also remove from report, tui	2020-12-15 04:33:14 +09:00
Kota Kanbe	43ed904db1	fix(deps): update dependencies (#1094 ) * fix(dpes): update dependencies * update go ver * update go ver * update go * update go	2020-12-15 04:32:23 +09:00
Kota Kanbe	0a440ca629	fix(saas): add saas subcmd (#1093 )	2020-12-11 16:19:36 +09:00
Kota Kanbe	eff1dbf95b	feat(scanner): vuls-scanner binary on release archive (#1092 )	2020-12-11 11:05:48 +09:00
Kota Kanbe	9a32a94806	refactor: fix build warnings (#1090 )	2020-12-11 06:45:39 +09:00
Shigechika AIKAWA	2534098509	fix(report): wpvulndb poor versioning(#1088 ) (#1089 )	2020-12-11 05:53:41 +09:00
sadayuki-matsuno	9497365758	update pkg (#1087 )	2020-12-04 15:57:02 +09:00
Kota Kanbe	101c44c9c0	Change .goreleaser to build binaries for arm, 386, amd64 at release. (#1082 ) * fix go-releaser * add vuls-scanner	2020-11-28 06:39:52 +09:00
Kota Kanbe	ffd745c004	fix a compile error #1083 (#1084 )	2020-11-27 15:14:04 +09:00
Kota Kanbe	5fea4eaef8	feat(nocgo): enable to build with CGO_ENABLED=0 (#1080 )	2020-11-27 09:55:09 +09:00
Kota Kanbe	1f610043cf	feat(scan): IgnoredJSONKyes to clear values in result json #1071 (#1078 )	2020-11-20 10:36:36 +09:00
Kota Kanbe	3f8de02683	fix(portscan): to keep backward compatibility before v0.13.0 (#1076 )	2020-11-19 16:54:36 +09:00
Kota Kanbe	d02535d053	fix(debian): false negative of kernel cves with rdb backend (#1075 ) * fix(debian): false negative of kernel cves with rdb backend * update golangci.yml * add --timeout=10m to golangci.yml	2020-11-18 10:32:37 +09:00
Kota Kanbe	75fceff5f7	refactor(report): format-csv (#1072 )	2020-11-05 21:10:35 +09:00
gy741	ebd3834a35	add(report) -format-csv option (#1034 )	2020-11-05 20:56:19 +09:00
Kota Kanbe	93059b74c3	feat(report): IgnoredJSONKyes to clear values in result json (#1071 ) * feat(report): IgnoredJSONKyes to clear values in result json * fix(report): marshal indent in JSON everytime	2020-11-05 20:13:09 +09:00
Kota Kanbe	2fc3462d35	fix(libscan): update trivy deps (#1070 )	2020-11-05 15:38:12 +09:00
Kota Kanbe	f78dab50cb	fix(fast-root): affectedProcs, ports bug (#1067 )	2020-10-31 14:21:11 +09:00
Norihiro NAKAOKA	edb324c3d9	fix(portscan): ignore loopback address on remote scan (#1062 ) * change ignore loop back address on remote scan * fix test case * change append simple * fix format * set golangci-lint timeout * Revert "set golangci-lint timeout" This reverts commit `56b1c7089a`.	2020-10-23 16:40:03 +09:00
Norihiro NAKAOKA	83bcca6e66	experimental: add smart(fast, minimum ports, silently) TCP port scanner (#1060 ) * add struct ListenPorts * change parse to models.ListenPorts from string * change support models.ListenPorts in TUI * add scanPort template , detectScanDest * add Test_detectScanDest * change impl scanPorts template * fix build error * change collect scan success address * add Test_matchListenPorts * add Test_updatePortStatus * change display port scan result on tui * change display scan emoji on report * Revert "change display scan emoji on report" This reverts commit `e281882cc6`. * add continue * change display format * change no use loop label * remove comment code * change display * fix padding * change refactoring var , fn name * fix var name * fix var name * change eye icon * change icon * delete unuse mod	2020-10-19 17:47:20 +09:00
Kota Kanbe	a124518d78	fix: hard-coded version #1057 (#1059 )	2020-10-16 20:42:31 +09:00
Alexander Stein	94bf630e29	Expand negative grep match for any error for lib scans. (#1056 ) Many thanks 👍 Sure, that's better. Note: FreeBSD find: `find: /var/run/ppp: Permission denied`	2020-10-12 11:30:11 +09:00
shopper	31bb33fd90	ignore apk warning (#1052 )	2020-10-12 10:40:01 +09:00
Kota Kanbe	4b680b9960	fix(scan-freebsd): also get installed with `pkg info` #1042 (#1051 ) * fix(scan-freebsd): also get installed with `pkg info` #1042 * fix test	2020-09-12 05:08:41 +09:00
Kota Kanbe	8a8ab8cb18	feat(libscan): enable to scan vulns of libs with pseudo #1035 (#1050 )	2020-09-11 13:09:59 +09:00
Kota Kanbe	8146f5fd1b	update readme (#1049 )	2020-09-11 10:26:57 +09:00
shopper	425c585e47	Support for smtp LOGIN authentication (#1048 ) * finished to implement new mail client * delete email_test.go	2020-09-04 15:45:29 +09:00
Kota Kanbe	4f1578b2d6	[WIP]fix(scan): collect a `running` version of kernel-devel (#1044 ) * fix(scan): collect a running kernel-devel version * refactor	2020-09-01 14:37:40 +09:00
Norihiro NAKAOKA	7969b343b0	Raspberry Pi OS(Raspbian) scanning using OVAL DB (#1019 ) * change: never refer to ChangeLog * change raspberry pi os use debian oval at report * change do not use r.Family * change gost do not use r.Family * change use r.Family because family has a large impact * change replace MaineK00n/goval-dictionary@raspberrypi-oval * note Raspbian Scan Policy * add Raspbian Changelog support policy * change grep Package for Raspbian at fast-scan mode * add changelog preprocessing for Raspbian * add take note of TODO * change Changelog fetch part to function * change error handling * change solve one TODO * change make ChangelogDir once * add comment * fix oval support Amazon Linux :refs #824 * change to useScannedCves from ovalSupproted * change confidence for Raspbian * change skip package for raspbian in OVAL DB * change separate raspbian implementation from util * change error, log format * change print format * change log format(delete newline) * change support changelog.(Debian.)gz * Revert "change support changelog.(Debian.)gz" This reverts commit `2265a72c67`. * change test chnage.(Debian.)gz * change support raspbian package(raspberry) * change error format * fix regexp pattern * fix typo * fix changelog cache * change rename function name * add TestParseChangelog * change changelog lenient match for raspbian * fix test case * change clog dir support symbolic link, clog save dir name append suffix * change remove more package for raspberry pi * fix error handling * change module update * change refactoring around identifying raspbian package * update go module * update scan image * update scan image * change clarify scan mode * change raspiPackNamePattern and add test case	2020-08-25 14:11:34 +09:00
Kota Kanbe	58cf1f4c8e	refactor(typo): fix typos (#1041 )	2020-08-24 16:34:32 +09:00
Norihiro NAKAOKA	a5b87af862	delete unnecessary images (#1036 ) * delete unnecessary images * Revert "delete unnecessary images" This reverts commit `0967e1c522`. * delete unnecessary images	2020-08-21 17:07:20 +09:00
Kota Kanbe	a0e592b934	fix(report): fix segfault while uploading to s3 (#1033 )	2020-08-07 10:31:43 +09:00
Kota Kanbe	7eccc538bb	fix(msfdb): udpate go-msfdb-deps (#1032 )	2020-08-06 16:54:14 +09:00
Kota Kanbe	59daa8570a	fix(gost): suppress err logging when unsupported debian (#1031 )	2020-08-05 20:05:50 +09:00
Kota Kanbe	3f52d318bc	fix(log): suppress err msg if no access priv to logfile (#1029 )	2020-07-31 16:55:12 +09:00
takuzoo	11a7a0c934	Display metasploit module information for each detected CVE-IDs (#1011 ) * add metasploit * fix go deps * fix msf report * fix msfdb server port number * delete non-unique msfdb url from fulltext report * fix(report): validate msfdb config on report (#1) * fix(msfdb): update deps (go-msfdb) * version up go-msfdb v0.1.0 Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2020-07-03 14:05:07 +09:00
sadayuki-matsuno	89f49b0e29	Fix trivy parser test (#1014 ) * fix trivy parser test * fixed parser data	2020-06-24 17:14:43 +09:00
Kota Kanbe	72457cbf8e	bump up version	2020-06-24 10:57:39 +09:00
Kota Kanbe	c11ba27509	fix(libscan): include a lockfile path of libs (#1012 )	2020-06-24 10:46:00 +09:00
segatomo	8a611f9ba6	add diff-mode info (#1008 )	2020-06-19 16:07:14 +09:00
Kota Kanbe	4a73875e4d	bump up version (#1007 )	2020-06-17 12:21:26 +09:00
shopper	d9d5e612ff	Support ProxyJump option when using ssh command (#1004 ) * Add proxyjump func * Run go mod tidy * Run make fmt	2020-06-17 12:15:12 +09:00
Kota Kanbe	4d8599e4fc	update deps (#1006 ) see https://github.com/knqyf263/go-apk-version/pull/1	2020-06-16 07:48:07 +09:00
Norihiro NAKAOKA	59c7061d29	Fix SSH failure due to .ssh/config owner (#1005 ) * use -F option, success configtest and scan * add sshConfigPath in config.toml * Use sshConfigPath in config.toml when using ssh -F * change -ssh-config to deprecated * fix typo * add sshConfigPath in tomltemplate	2020-06-16 05:48:31 +09:00
segatomo	996557c667	support alpine3.11 (#1002 )	2020-06-12 13:42:11 +09:00
ahulab	519fb19a77	Added ReportedAt time for server mode reports (#996 ) - Fixes #928	2020-06-11 11:42:04 +09:00
kazuminn	36456cb151	feat(wordpress): Cache WpVulnDB (#989 ) * add wpVulnCache * fix bug * add test * fmt * fix bug * refactor * fix bug	2020-06-05 16:08:28 +09:00
sadayuki-matsuno	4ae87cc36c	Fix releaser (#988 ) * fix releaser * fix releaser * fix releaser * fix releaser * add 32 bit releaser and add exit code in cmd * delete 32 bit releaser * fix	2020-06-05 15:04:06 +09:00
shopper	b37df89fb1	Support SMTPS when using report -to-email (#991 ) * Add smtps func * Add SMTPS implementation * fix error message	2020-06-05 14:42:01 +09:00
sadayuki-matsuno	d18e7a751d	add trivy parser (#981 ) * add trivy parser * fix test * format * add title and summary * add trivy parse command * add uploader * set args by env * add README * add err check * fix * fix * fix * fix test * update trivy * refactor * delete require uuid * delete uuid from trivy parser Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2020-05-29 18:06:45 +09:00
kazuminn	8d5ea98e50	add -wp-ignore-inactive flag which ignores inactive plugin or themes (#974 ) * command * config * ignore inactive * fix * add test * fmt * add unset test * rename * add test * refactor * fix * refactor * refactor * fix golangci-lint error	2020-05-29 15:27:47 +09:00
Kota Kanbe	835dc08049	fix .golangci.yml	2020-05-27 20:33:57 +09:00
Kota Kanbe	62c9409fe9	add a github actions config (#985 ) * add a github actions config * fix(log): Don't create a log dir when testing * remove a meaningless test case * Thanks for everything, Mr, Travys. * add golangci * add goreleaser.yml * add tidy.yml * add golang-ci * fix many lint warnings	2020-05-27 20:11:24 +09:00
Kota Kanbe	2374f578ed	Bump up version	2020-05-26 09:32:10 +09:00
shopper	34e2f033d8	add kernelnames ubuntu20.04 (#982 )	2020-05-22 12:19:07 +09:00
kazuminn	420825cacc	remove append (#978 )	2020-05-20 13:55:07 +09:00