The following is the output of the ssl and http checks we did on one of the projects we scanned with our vulnerability scanner. The data is obtained from the backend IPexploits table and is tagged with 0 where the check was not vulnerable and 1 where the test was unsafe. We can see this in the following screenshot. This is a TSV file with the schema (command_id, recored_id, service_result, vul[0/1]):

Now that we have tagged the data, let's process and clean it. After that, we will train our NLP model with it. We will be using a Naive Bayes classifier with NLP. I have had decent success with this model for the current dataset. It would be a good exercise to test various other models and see whether we can achieve a better prediction success rate.