Skip to content

CVSS Calculator - a burp suite extension for calculating CVSS v2 and v3.1 scores of vulnerabilities.

License

Notifications You must be signed in to change notification settings

moeinfatehi/CVSS_Calculator

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CVSS_Calculator: Offline CVSS Scoring Tool for Burp Suite

CVSS_Calculator is a powerful Burp Suite extension designed for security professionals and penetration testers to calculate CVSS (Common Vulnerability Scoring System) v2 and v3.1 scores of vulnerabilities, entirely offline. This tool integrates seamlessly with Burp Suite, providing a user-friendly graphical interface for assessing the severity of security vulnerabilities based on Base, Temporal, and Environmental metrics.

Key Features:

  • Offline CVSS Scoring: Calculate CVSS v2 and v3.1 scores without the need for an internet connection.
  • Comprehensive Metrics: Includes Base, Temporal, and Environmental metrics for a thorough vulnerability assessment.
  • User-Friendly Interface: Easy-to-use graphical interface integrated into Burp Suite for efficient scoring of vulnerabilities.
  • Dual Version Support: Supports both CVSS v2 and v3.1, catering to diverse assessment needs.

Installation

Using BApp Store [Quickest]

  1. Open Burp Suite.
  2. Navigate to Extender -> BApp Store.
  3. Search for and install the "CVSS Calculator" Extension.

Load The JAR File

  1. Download the CVSS_Calculator.jar file from the repository or build it from the source code.
  2. Open Burp Suite.
  3. Go to Extender -> Extensions -> Add.
  4. Select the CVSS_Calculator.jar file and add it to Burp Suite.
  5. A new tab for "CVSS Calculator" will be added to the Burp Suite interface.

Build From Source Code

  1. Ensure you have Gradle installed.
  2. Clone the repository: git clone https://github.com/moeinfatehi/CVSS_Calculator
  3. Navigate to the main directory (where build.gradle exists) and run: gradle makeJar
  4. The Jar file will be generated in build/libs/CVSS_Calculator.jar

How to Use CVSS_Calculator

After adding the extension to Burp Suite, a new tab will be available where you can access both CVSS v2 and v3.1 calculators in separate tabs. Simply input the relevant metrics, and the tool will calculate the CVSS scores for you.

Feedback and Contributions

We welcome feedback and contributions to the CVSS_Calculator project. If you find any bugs or have comments, please feel free to contact us. Your input is invaluable in making this tool more effective for the cybersecurity community.

Contact

For any inquiries or suggestions, please reach out via GitHub Issues or contact me directly through my Twitter account.