The knife of the Admin & Security auditor
Switch branches/tags
Nothing to show
Clone or download

README.rst

Patton-cli - The knife of the Admin & Security auditor

Current version 0.0.1
Project site https://github.com/bbva/patton-cli
Issues https://github.com/bbva/patton-cli/issues/
Python versions 3.6 or above

What's Patton cli?

Patton-cli (PC) born with the objective to be a knife for system admins and security auditors.

PC could be filled with many different sources and report in many formats, being great for scripting.

You can see a demo video running Patton-Server + Patton-CLI:

patton demo

Installation

Install Patton is easy:

> python3.6 -m pip install patton-cli

NOTE

Patton-cli need a Patton-server. Be sure that the server is running!

Getting started

Quick example

> patton django:1.9

+------------+-------------------------------------+---------------------+
| Name       | CPEs                                | CVEs                |
+------------+-------------------------------------+---------------------+
| django:1.9 | cpe:/a:djangoproject:django:1.9:rc2 | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7234 (5.8) |
|            | ----------------------------------- | ------------------- |
|            | cpe:/a:djangoproject:django:1.9:rc2 | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7234 (5.8) |
|            | ----------------------------------- | ------------------- |
|            | cpe:/a:djangoproject:django:1.9:rc2 | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7234 (5.8) |
|            | ----------------------------------- | ------------------- |
|            | cpe:/a:djangoproject:django:1.9:rc2 | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7234 (5.8) |
|            | ----------------------------------- | ------------------- |
|            | cpe:/a:djangoproject:django:1.9:rc1 | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            | ----------------------------------- | ------------------- |
|            | cpe:/a:djangoproject:django:1.9:rc1 | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            | ----------------------------------- | ------------------- |
|            | cpe:/a:djangoproject:django:1.9:rc1 | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            | ----------------------------------- | ------------------- |
|            | cpe:/a:djangoproject:django:1.9:rc1 | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            | ----------------------------------- | ------------------- |
|            | cpe:/a:djangoproject:django:1.9:b1  | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
|            | ----------------------------------- | ------------------- |
|            | cpe:/a:djangoproject:django:1.9:b1  | CVE-2017-7234 (5.8) |
|            |                                     | ------------------- |
|            |                                     | CVE-2017-7233 (5.8) |
+------------+-------------------------------------+---------------------+

Getting help

Patton-cli has self-explained doc:

> patton -h

usage: patton [-h] [-v] [--patton-host PATTON_HOST] [-F {table,json,csv}] [-q]
          [-i FROM_FILE] [-o OUTPUT_FILE]
          [-e {python,alpine,simple_parser,auto,nmap,dpkg}] [-s] [-D] [-B]
          [-t {auto,nmap}] [-f]
          [INPUT_LIST [INPUT_LIST ...]]

Patton cli

positional arguments:
  INPUT_LIST

optional arguments:
  -h, --help            show this help message and exit
  -v                    log level
  --patton-host PATTON_HOST
                        patton server host
  -F {table,json,csv}, --display-format {table,json,csv}
                        display format options
  -q, --quiet           do not display any information in stdout
  -i FROM_FILE, --from-file FROM_FILE
                        output file for results
  -o OUTPUT_FILE, --output-file OUTPUT_FILE
                        results file. formats: csv, json, raw
  -e {python,alpine,simple_parser,auto,nmap,dpkg}, --source-type {python,alpine,simple_parser,auto,nmap,dpkg}
                        use specific source parser
  -s, --skip-on-fail    doesn't abort execution on dependency check fail

Working modes:
  -D, --dependency      check libraries and versions (default)
  -B, --banner          check banners (currently experimental)

Specific option for banners:
  -t {auto,nmap}, --banner-type {auto,nmap}
                        http, ftp, ...-
  -f, --follow          read from stdin and do a continuously check

Examples:

  * Checking specific library and output as table:
    > patton django:1.2 flask:1.1.0

  * Checking Python installed dependencies and output as CSV:
    > pip freeze | patton -F csv
    or
    > patton -F csv -i requirements.txt

  * Checking ubuntu dependencies display as table and dump in json file:
    > dpkg -l | patton -e dpkg -F table -o results.json

Usage examples

Getting vulnerabilities from different sources

From Ubuntu

> dpkg -l | patton -e dpkg

From Brew

> brew list --versions | patton

From Alpine

> apk version -v | patton -e alpine

From python requirements

> pip freeze | patton -e python

or

> cat requirements.txt | patton -e python

or

> patton -i requirements.txt -e python

From Golang requirements

> cat Gopkg.lock | patton -e golang

Formatting the output

Patton-cli can display results in these formats:

  • Table
  • JSON
  • CSV
> cat requirements.txt | patton -e python -F csv
> cat requirements.txt | patton -e python -F json
> cat requirements.txt | patton -e python -F table

Exporting results

Patton-cli can export the results in format:

  • Raw (table)
  • JSON
  • CSV

The format of file is determined by the extension:

> cat requirements.txt | patton -e python -o report.json
> cat requirements.txt | patton -e python -o report.csv
> cat requirements.txt | patton -e python -o report.raw

Quiet mode

If you don't want that Patton-cli reports anything by the terminal, you can use -q option:

> cat requirements.txt | patton -e python -q -o report.csv

Some funny examples

Listing dependencies and check te vulns:

> dpkg -l | tee patton -e dpkg -q -o reports.csv

Finding critical vulnerabilities:

> dpkg -l | patton -e dpkg -F csv | grep "10\.0" > critial_vulns.txt

Contributing

Any collaboration is welcome!

There're many tasks to do.You can check the Issues and send us a Pull Request.

Also you can read the TODO file.

License

This project is distributed under Apache 2 license