Skip to content

A Go security vulnerability research tool for searching the CVE Project repository for a particular keyword.

Notifications You must be signed in to change notification settings

garthhumphreys/cvehound

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

cvehound cvehound

CVEHound

A Go security vulnerability research tool for searching the CVE Project repository for a particular keyword.

Requirements

Usage

go build

// example => ./cvehound keyword

$ ./cvehound webmin

/Users/username/cvelist/2022/0xxx/CVE-2022-0829.json:  "TITLE": "Improper Authorization in webmin/webmin"

How it works

  • The cvehound script first checks if the cvelist repository exists in the user's home directory.
  • If the repository doesn't exists, the repository is cloned.
  • If the repository does exists, then a git pull is performed to update the repository.

Once the repository is up-to-date, ripgrep is used to search for the keyword specified by the user. The results are displayed in the command line.

Notes This script uses the os and os/exec packages to interact with the file system and run external commands, respectively. The filepath package is used to construct the path to the local repository.

Before using this script, make sure you have ripgrep (rg) installed on your system. You can then build and run the script by running go build followed by ./cvehound keyword.

Contributing

If you find a bug or have a feature request, please open an issue or a pull request on GitHub.

Releases

No releases published

Packages

No packages published

Languages