Vulnerability check backend
A python script that connects to the vulners.com API to pull in all security vulnerabilities that apply to your setup.
This is the backend responsible for the following:-
- Connecting to the API to get a list of all the types of vulnerabilities i.e. Cisco, Linux, Windows etc.
- Putting these into a SQLite DB so that they can be selected or deselected from the frontend
- Downloading the relevant .zip files from vulners and storing them in a folder to be accessed by the front end.
Table of contents
Usage
To use the backend run python3 main.py from within the main directory of the script or setup a crontab job to do this,
i.e. 0 1 * * 0-6 python3 /root/bin/vuln_backend/main.py >/dev/null 2>&1
Installation
Download the Zip of the script and extract to an easily accessible folder i.e. /root/bin/vuln_backend
You will need to setup the MySQL/MariaDB and MongoDB databases.
Thos MongoDB database is named vulnerabilities and this will need a collection named vuln_sets
Rename config.ini.example to config.ini and change the following values to your values:
DB_SERVER = dbserver DB_USER = dbuser DB_PWD = dbpass DB_NAME = database
MONGO_SERVER = mongoserver MONGO_PORT = 27017
Navigate to the installation directory and run pip install -r requirements.txt
Updating
To update, check the project homepage here to check the latest release.
Uninstallation
To uninstall, just delete the files and the crontab if you have set one up.
Contributing
Your contributions are always welcome! Please have a look at the contribution guidelines first.
License
GPLv3 2017 - LukeBrewerton. Please have a look at the LICENSE.md for more details.