VulmonSahil
The VulmonSahil is a Python library created by Sahil Gaikwad that allows security researchers to easily retrieve detailed information about vulnerabilities from the Vulmon website (https://vulmon.com). It provides a simple interface for scraping data related to specific Common Vulnerabilities and Exposures (CVE) entries. Features
Retrieve meta information about a vulnerability, including CVE name, CVSSv3 score, published date, and description. Gather information about vulnerable products associated with the vulnerability. Extract exploit links related to the vulnerability. Collect GitHub links associated with the vulnerability, handling relative paths and appending the appropriate base URL. Retrieve reference links related to the vulnerability.
Installation
To use the VulmonScraper library, make sure you have Python installed. Then, follow these steps:
Install the required dependencies (requests, BeautifulSoup, and lxml) by running the following command:
pip install requests beautifulsoup4 lxml
Download the vulmonscraper.py file from this repository and place it in your project directory.
Usage Example
python
import vulmonsahil
cve = "CVE-2023-25938"
cveData = vulmonsahil.VulmonScraper(cve)
cveInfo = cveData.scrape_data()
print("CVE Name:", cveInfo["metaInfo"]["CVEName"])
print("CVSSv3 Score:", cveInfo["metaInfo"]["CVSSv3"])
print("Published Date:", cveInfo["metaInfo"]["PublishedDate"])
print("Description:", cveInfo["metaInfo"]["Description"])
print("Vulnerable Products:", cveInfo["vulnProducts"])
print("Exploit Links:", cveInfo["exploitsLinks"])
print("GitHub Links:", cveInfo["githubLinks"])
print("Reference Links:", cveInfo["referenceLinks"])
How it can be useful to security researchers?
The VulmonScraper library provides security researchers with a valuable tool for gathering essential information about vulnerabilities. Here's how it can be useful:
Efficient Vulnerability Analysis: By leveraging the VulmonScraper library, security researchers can quickly access key details about vulnerabilities, such as CVE names, CVSSv3 scores, published dates, descriptions, vulnerable products, exploit links, GitHub links, and reference links.
Automated Data Retrieval: The library automates the process of scraping vulnerability information from the Vulmon website, eliminating the need for manual data collection. This saves time and effort for security researchers, allowing them to focus on analyzing and mitigating vulnerabilities.
Comprehensive Vulnerability Insight: With the VulmonScraper library, security researchers can gain a comprehensive understanding of vulnerabilities by accessing various aspects, including vulnerable products, associated exploits, GitHub repositories, and reference links. This holistic view enables researchers to assess the impact, severity, and potential mitigations of vulnerabilities effectively.
Up-to-Date Information: VulmonScraper retrieves data from the Vulmon website, ensuring that security researchers have access to the latest vulnerability information. This keeps researchers informed about new vulnerabilities, allowing them to stay proactive in their research and security practices.
By utilizing the VulmonScraper library, security researchers can streamline their vulnerability analysis process, access critical information efficiently, and enhance their overall research capabilities.