Monitor CVE announcements and automatically notify when a binary/package/library/domain is affected.
Download one of the CVE announcements (in CVRF format) from
https://cve.mitre.org/data/downloads/index.html
For example, allitems-cvrf.xml (~120MB) contains details of ~85,000 CVEs as of 10 NOV 2015.
Update cvrf_path in cve-prev-date.py to point to the local copy of the downloaded CVRF XML file.
Running MVP build on Ubuntu 15.10:
$ python3 cve-prev-date.py
...and voila...
Also verified to work using python 3.4.3 on Windows 7.
The following is the proposed workflow.
Currently individual functions are being implemented.
An MVP that supports phases 2, 3 & 4 is available as cve-prev-date.py.
- Fetches the CVRF header and checks whether its timestamp is newer than the one seen on the previous run.
- If the header indicates that a newer CVRF is available, the entire CVRF is fetched and a copy is saved locally.
- The local copy of the latest CVRF is then parsed for all vulnerabilities (CVEs) published or modified since the previous run.
- Results are displayed immediately on the console.
- Optionally, specific keyword(s) related to a binary/library/package/domain can be searched for in the newly published/modified CVEs. Upon finding a match, notifications can be triggered to the respective user(s), for example via email.
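The parse-and-filter steps above, as an added example (not the project's cve-prev-date.py code). The names changed_since, local and SAMPLE_CVRF are hypothetical, the sample entries are constructed, and the element layout (Vulnerability, Title, and Note elements carrying Type="Description" or Title="Published"/"Modified") is an assumption about the CVRF feed that should be checked against the downloaded file.

```python
import io
import xml.etree.ElementTree as ET
from datetime import date

# Constructed sample, not real CVE data; the element layout is an assumption.
SAMPLE_CVRF = b"""<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1">
<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
 <Title>CVE-0000-0001</Title><Notes>
 <Note Type="Description">Buffer overflow in ExampleTLS handshake parsing.</Note>
 <Note Title="Published" Type="Other">2015-11-09</Note>
 <Note Title="Modified" Type="Other">2015-11-10</Note></Notes></Vulnerability>
<Vulnerability Ordinal="2" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
 <Title>CVE-0000-0002</Title><Notes>
 <Note Type="Description">SQL injection in ExampleCMS login form.</Note>
 <Note Title="Published" Type="Other">2014-01-02</Note></Notes></Vulnerability>
<Vulnerability Ordinal="3" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
 <Title>CVE-0000-0003</Title><Notes>
 <Note Type="Description">** RESERVED ** No details yet.</Note></Notes></Vulnerability>
</cvrfdoc>"""

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop ElementTree's "{namespace}" prefix

def changed_since(source, since, keywords=()):
    """Stream the feed; return (cve_id, last_change, description) changed on/after `since`."""
    hits = []
    for _, elem in ET.iterparse(source, events=("end",)):
        if local(elem.tag) != "Vulnerability":
            continue
        cve_id, desc, dates = "", "", []
        for node in elem.iter():
            name, text = local(node.tag), (node.text or "").strip()
            if name == "Title":
                cve_id = text
            elif name == "Note" and node.get("Type") == "Description":
                desc = text
            elif name == "Note" and node.get("Title") in ("Published", "Modified"):
                try:
                    dates.append(date.fromisoformat(text))
                except ValueError:
                    pass  # ignore a malformed date instead of aborting the run
        elem.clear()  # release this entry's children once it has been read
        wanted = not keywords or any(k.lower() in desc.lower() for k in keywords)
        if dates and max(dates) >= since and wanted:  # undated (reserved) IDs are skipped
            hits.append((cve_id, max(dates), desc))
    return hits

if __name__ == "__main__":
    print(changed_since(io.BytesIO(SAMPLE_CVRF), date(2015, 11, 1), ["exampletls"]))
```

The comparison is inclusive because the dates have day granularity, so an entry changed on the day of the previous run is reported again instead of being missed.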
Raptors are famous for their
- excellent eyesight for finding food,
- strong feet for holding food,
- and a strong curved beak for tearing flesh.
CVE-raptor hopes to demonstrate similar agility in
- quickly searching,
- filtering,
- and identifying CVEs of interest from public database(s).
Contents licensed under Creative Commons Attribution-ShareAlike CC BY-SA.
Feel free to report a bug or feature request.
For changes/fixes/enhancements, send in a pull-request. For more details contact me here.