Purify : All-In-One Tool For Managing Vulnerability Reports

The goal of Purify to be an easy-in-use and efficient tool to simplify a workflow of managing vulnerabilities delivered from various tools.

Purify is designed to analyze the report of any tool, if the report is in JSON or XML format. This means you don’t need any special plug-ins to process reports from your selection of tools.

Purify is able to remove duplicate results among various vulnerability scanners or tools. In addition, it can combine several results of the same tool based on some fields and it is fully configurable (no coding required). Purify does all this work to reduce the headache of the analyst.

Collect all security findings in one place, review/validate/track them, collaborate, get notifications(Slack), export them into tracking systems(Jira) and so on.

Built With

  • Nest – The web framework used
  • Vuetify – Material Component Framework for Vue

Features

Currently, Purify supports Slack and Jira. Also, there is SMTP module, but it is not use at the moment.

List of packages used for these modules:

Deployment With Nginx and MongoDB

Also Read – Guardedbox : Online Client-Side Manager For Secure Storage & Secrets Sharing

Configuration

  • Docker-Compose : Before deployment you may want to configure a few things in docker-compose file

// ./docker-compose.yml
// if you want local mongodb

Mongo:
********

environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
// update local path to the .env file (see api/.env.example)

API:
****
*
env_file:
-.env.custom
// update local paths to certificate and key files

Nginx:
*******

volumes:
– /path/to/cert:/etc/nginx/ssl/cert
– /path/to/key:/etc/nginx/ssl/key
– ./nginx.prod.conf:/etc/nginx/nginx.conf

Nginx

You can edit nginx config file to adjust it for your needs. There is a config example which is used by default, but in order to use it, you will need to change server_name options.

Start

docker-compose up -d

Built With

  • Nest – The web framework used
  • Vuetify – Material Component Framework for Vue
R K

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

1 week ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

1 week ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

1 week ago