This is Python code for TweeVEBot, a twitter bot that tweets info about the latest CVEs.
- Add twitter credentials to GCP Secret Manager in this format:
Name | Twitter credential |
---|---|
consumer_key | API key |
consumer_secret | API secret key |
access_token | generated Access token |
access_secret | generated Access token secret |
- Set up a Pub/Sub channel with GCP Cloud Scheduler set to publish the desired trigger time and date.
- Copy the contents the 'monthly' directory into a new GCP Cloud Function.
- Subscribe the new cloud function to that pub/sub channel.
- Await trigger from Pub/Sub, or press 'Run now' in GCP Cloud Scheduler to test.
gcp_implementation branch:
-
Gather top exploits/vulnerabilities from Mitre and sift through data to find most recently updated 8+ CVSS score CVE.
-
Each month, report on 1 of 4 categories: SQLi, Remote Execution, DDoS & Privilege Escalation.
-
Run in Google Cloud Platform as a Cloud Function, triggered on the first day of each month, at 10:00 GMT by GCP Cloud Scheduler and pub/sub channel.
-
Integrates with GCP Secret Manager to securely contain TweeVEBot twitter credentials.
-
Report on top 3 most recently modified CVE's of the week.
-
Integrate json data from NIST