RogoLabs/patchthisapp

PatchThisApp

Enterprise-grade vulnerability intelligence and prioritization platform

Powered by RogoLabs | Originally created by Jerry Gamblin

🎯 Overview

PatchThisApp transforms vulnerability management by providing actionable intelligence that cuts through the noise of thousands of CVEs published monthly. Our platform aggregates and analyzes data from industry-leading sources to deliver a curated, prioritized list of vulnerabilities that matter most to your organization.

Key Features

  • Intelligent Prioritization: ML-driven scoring and analysis to focus on the most critical threats
  • Real-time Intelligence: Continuous monitoring and updates from trusted security sources
  • Modern Web Interface: Clean, responsive dashboard with advanced filtering and sorting
  • Multiple Data Formats: CSV export, JSON API, and web visualization
  • Enterprise Ready: Professional interface suitable for executive reporting
  • Open Source: Transparent, community-driven development

🏒 Enterprise Intelligence Sources

Our platform integrates data from the most trusted vulnerability intelligence sources:

| Source | Description | Update Frequency |
| --- | --- | --- |
| CISA KEV Catalog | Known Exploited Vulnerabilities actively targeted in the wild | Daily |
| Rapid7 Metasploit | Battle-tested exploit modules used by security professionals | Continuous |
| Project Discovery Nuclei | Community-driven vulnerability detection templates | Continuous |
| EPSS Scoring | ML-driven exploit prediction scores (>0.95 threshold) | Daily |

Quick Start

Prerequisites

  • Python 3.8+ (for data processing)
  • Web server (for hosting static files)

Installation

  1. Clone the repository

    git clone https://github.com/RogoLabs/patchthisapp.git
    cd patchthisapp
  2. Install dependencies

    pip install -r requirements.txt
  3. Generate vulnerability data

    python patchthisapp.py
  4. Serve the web interface

    # Using Python's built-in server
    cd web
    python -m http.server 8000
    
    # Or using any web server of your choice
  5. Access the dashboard: open your browser to http://localhost:8000

Documentation

Project Structure

patchthisapp/
├── patchthisapp.py          # Core data processing engine
├── requirements.txt         # Python dependencies
├── web/                     # Static web interface
│   ├── index.html           # Main landing page
│   ├── viewer.html          # Data visualization dashboard
│   ├── modern.css           # Modern styling
│   └── data.csv             # Generated vulnerability data
├── data/                    # Raw data sources
│   └── data.csv             # Processed vulnerability dataset
└── README.md                # This file

Data Processing Engine

The patchthisapp.py script is the heart of our intelligence platform:

Key Features:

  • Automated Data Collection: Fetches from multiple trusted sources
  • Data Normalization: Standardizes formats and removes duplicates
  • Intelligent Scoring: Applies EPSS and CVSS scoring for prioritization
  • Export Capabilities: Generates CSV and JSON outputs
  • Error Handling: Robust error management and logging

Usage:

# Basic usage
python patchthisapp.py

# With custom output directory
python patchthisapp.py --output-dir /path/to/output

# Verbose logging
python patchthisapp.py --verbose

Web Interface

Our modern web interface provides:

🏠 Landing Page (index.html)

  • Professional overview of the platform
  • Data source information
  • Quick access to intelligence dashboard

Intelligence Dashboard (viewer.html)

  • Sortable columns: Click any header to sort data
  • Real-time search: Filter vulnerabilities instantly
  • Responsive design: Works on desktop, tablet, and mobile
  • Export functionality: Download data as CSV
  • Professional styling: Enterprise-ready appearance

Key Dashboard Features:

  • CVE Information: Complete vulnerability identifiers
  • CVSS Scoring: Visual severity indicators
  • EPSS Scoring: Exploit prediction probability
  • Publication Dates: Timeline information
  • Source Attribution: Data provenance tracking

API & Data Formats

CSV Export

The generated data.csv includes:

  • CVE: CVE identifier
  • CVSS Score: Severity score (0.0-10.0)
  • EPSS: Exploit prediction score (0.0-1.0)
  • Description: Vulnerability description
  • Published: Publication date
  • Source: Data source attribution

JSON API

{
  "cve": "CVE-2024-XXXX",
  "cvss_score": 9.8,
  "epss_score": 0.97,
  "description": "Critical vulnerability description",
  "published": "2024-01-15",
  "sources": ["CISA", "Metasploit"]
}
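The documented CSV columns mapped onto the JSON record shape above, with the stated score ranges enforced, as an added example (not code from the PatchThisApp repository). The sample rows and CVE ids are constructed, `row_to_record` and `load_records` are hypothetical names, and a comma-separated multi-source `Source` cell is an assumption.

```python
import csv
import io
import re
from datetime import date

CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")

# Constructed sample in the documented column layout (not real project output).
SAMPLE_CSV = """CVE,CVSS Score,EPSS,Description,Published,Source
CVE-2099-0001,9.8,0.97,Constructed critical entry,2024-01-15,"CISA, Metasploit"
CVE-2099-0002,7.5,0.96,Constructed high entry,2024-02-01,EPSS
cve-2099-0003,11.2,0.50,CVSS outside documented range,2024-02-02,Nuclei
CVE-2099-0004,8.1,1.7,EPSS outside documented range,2024-02-03,Nuclei
not-a-cve,5.0,0.10,Malformed identifier,2024-02-04,CISA
"""

def _bounded(value, low, high, field):
    number = float(value)  # raises ValueError on non-numeric text
    if not low <= number <= high:  # this comparison also rejects NaN
        raise ValueError(f"{field} {number} outside {low}-{high}")
    return number

def row_to_record(row):
    """Validate one data.csv row and return it in the JSON record shape."""
    cve = row["CVE"].strip().upper()
    if not CVE_RE.match(cve):
        raise ValueError(f"bad CVE id {row['CVE']!r}")
    return {
        "cve": cve,
        "cvss_score": _bounded(row["CVSS Score"], 0.0, 10.0, "CVSS"),
        "epss_score": _bounded(row["EPSS"], 0.0, 1.0, "EPSS"),
        "description": row["Description"].strip(),
        "published": date.fromisoformat(row["Published"].strip()).isoformat(),
        # Assumption: several sources share one cell, comma-separated.
        "sources": [s.strip() for s in row["Source"].split(",") if s.strip()],
    }

def load_records(text):
    """Return (records sorted by EPSS then CVSS, rejected rows with reasons)."""
    records, rejected = [], []
    for line_no, row in enumerate(csv.DictReader(io.StringIO(text)), start=2):
        try:
            records.append(row_to_record(row))
        except (ValueError, KeyError, AttributeError) as exc:
            rejected.append((line_no, str(exc)))  # keep the reason for triage
    records.sort(key=lambda r: (r["epss_score"], r["cvss_score"]), reverse=True)
    return records, rejected

if __name__ == "__main__":
    print(load_records(SAMPLE_CSV))
```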

Configuration

Environment Variables

# Optional: Custom data source URLs
export CISA_KEV_URL="https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv"
export EPSS_URL="https://epss.cyentia.com/epss_scores-current.csv.gz"

# Optional: Update frequency (hours)
export UPDATE_FREQUENCY=24

Custom Data Sources

Extend the platform by adding custom data sources in patchthisapp.py:

import pandas as pd

def load_custom_source(source_url: str) -> pd.DataFrame:
    # Your custom data loading logic (return the loaded rows as a DataFrame)
    pass

Deployment

Static Hosting

Deploy to any static hosting platform:

  • GitHub Pages: Automatic deployment from repository
  • Netlify: Drag-and-drop deployment
  • AWS S3: Static website hosting
  • Cloudflare Pages: Global CDN deployment

Docker Deployment

FROM nginx:alpine
COPY web/ /usr/share/nginx/html/
EXPOSE 80

Production Considerations

  • HTTPS: Always serve the dashboard over TLS in production
  • CDN: Implement content delivery network
  • Analytics: Add usage tracking if needed
  • Automation: Schedule regular data updates

🀝 Contributing

We welcome contributions from the security community! Here's how you can help:

Ways to Contribute

  • Bug Reports: Report issues or inconsistencies
  • Feature Requests: Suggest new capabilities
  • Documentation: Improve guides and examples
  • Code Contributions: Submit pull requests
  • Data Sources: Suggest additional intelligence feeds

Development Setup

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Add tests if applicable
  5. Submit a pull request

Code Style

  • Follow PEP 8 for Python code
  • Use meaningful commit messages
  • Include documentation for new features
  • Ensure backward compatibility

Metrics & Analytics

Current Coverage

  • ~2,000+ actively tracked CVEs
  • 4 primary intelligence sources
  • 24/7 monitoring and updates
  • 99.9% uptime target

Performance

  • <2s page load time
  • Real-time search and filtering
  • Mobile-optimized responsive design
  • Lightweight ~100KB total assets

Security & Privacy

  • No Data Collection: We don't track users or collect personal data
  • Open Source: Complete transparency in methodology
  • Secure Sources: All data from verified, trusted sources
  • Regular Updates: Continuous security monitoring

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgments

  • Jerry Gamblin - Original creator and vision
  • RogoLabs - Current maintainer and platform provider
  • Security Community - Contributors and data source providers
  • Open Source Projects - CISA, Rapid7, Project Discovery, and FIRST

Support & Contact


Made with ❤️ by the security community

⭐ Star this repository if you find it useful!

About

Code and Website For PatchThis.app
