CVE-Notifier is a script that allows you to retrieve all the tweets from @CVEProject, for each announcement of a new vulnerability and to send an email (multiple receivers).
You can filter the new CVE in the tweets of the @cvenew account by keywords (ex: Microsoft; iOS; Fortinet) or send all the new CVE.
During installation (setup.py), the script writes a configuration file (config.txt) with the information entered on the command line.
WARNING : your e-mail credentials (for sending news) are stored in this file with an encoding. Please run this script on a machine over which you have control and which is protected. No one should be able to read the file created. Your identifiers on the twitter API are also encoded and stored in this file.
Example of mail sent by CVE-Notifier:
You must request the registration of an APP on the portal dedicated to the twitter API (https://developer.twitter.com/) in order to obtain tokens.
CVE-Notifier require tweepy and smtplib python librairies, Python 3 (tested with 3.7.3) and Linux based system (tested on Debian 10) or Windows 10.
For install feedparser and smtplib :
pip3 install tweepy && pip3 install smtplib
root@host:~/Desktop/# git clone https://github.com/Guezone/CVE-Notifier && cd CVE-Notifier/
root@host:~/Desktop/CVE-Notifier# python3 setup.py -h
Output :
-h, --help show this help message and exit
-sender email-addr set sender email address
-p your_password set sender SMTP password
-server smtp_server set SMTP server name
-port port set SMTP port used by the server
-tls yes|no use TLS for SMTP authentication
-cons_key consumer_key set your consumer twitter API key
-cons_secret consumer_secret set your consumer twitter API secret
-access_key access_token_key set your access twitter API key
-access_secret access_token_secret set your access twitter API secret
-r email-addr1;email-addr2 set receivers email address
Start a setup script to build your configuration :
root@host:~/Desktop/CVE-Notifier# python3 setup.py -sender account@mail.com -p 'mYPASSw0rd' -server smtp.mail.com -port 587 -tls yes
-r 'user1@mail.com;user2@mail.com' -cons_key 'XXXXXXXXXXXXXXXXXX' -cons_secret 'XXXXXXXXXXXXXXX' -access_key 'XXXXXXXXXXXXXXXXXX' -access_secret 'XXXXXXXXXXXXXXXXX'
Note : on Linux based system, use -argument 'arg' for escape all characters, on Windows, use string without quotes.
Please wait. A test message to user1@mail.com will be sent to test your configuration.
Please wait. A test message to user2@mail.com will be sent to test your configuration.
Twitter API authentication successful.
Current tweetlist recording in progress...
Successful recording of tweets entries in the buffer file.
Do you want to be notified for all CVE news or add keywords ? (A/a -> All CVE) (K/k -> Keywords only) : k
Please enter the keywords you are interested in among CVE publications (ex: iOS;Microsoft;Palo) separated by ';'' :Microsoft;iOS;Palo;Fortinet;Wordpress
CVE-Notifier is now ready. Execute cve-notifier.py now and automate it.
If the script does not find new tweets in @cvenew Tweeter timeline, here is the result:
root@host:~/Desktop/CVE-Notifier# python3 cve-notifier.py
Configuration is good.
No new CVE. Goodbye
If the script find new tweets in @cvenew Tweeter timeline, here is the result:
root@host:~/Desktop/CVE-Notifier# python3 cve-notifier.py
Configuration is good. One new tweet detected.
Sending email at user1@mail.com...
Email was sent.
Sending email at user2@mail.com...
Email was sent.
Updating buffer file...
Buffer file was updated. Goodbye.
You can (and must) automate it periodically with cron for example, in order to check new tweets:
root@host:~/Desktop/CVE-Notifier# crontab -e
*/10 * * * * python3 /root/Desktop/CVE-Notifier/cve-notifier.py (>> /root/Desktop/CVE-Notifier/cve-updates.log 2>&1)