Python SDK to access the vulnerability database
It's possible to install the latest stable release from pypi:
pip install vulndb
Or if you're interested in the latest version from our repository:
git clone https://github.com/vulndb/python-sdk.git
python setup.py install
>>> from vulndb import DBVuln
>>> dbv = DBVuln.from_id(42)
>>> dbv.title
'SQL Injection'
>>> dbv.description
'A long and actionable description for SQL injection ...'
>>> dbv.fix_guidance
'Explains the developer how to fix SQL injections, usually a couple of <p> long ...'
>>> dbv.severity
'high'
>>> r = dbv.references[0]
>>> r.url
'http://example.com/sqli-description.html'
>>> r.title
'SQL injection cheat-sheet'
More attributes, methods and helpers are well documented and available in the source code.
Send your pull requests with improvements and bug fixes, making sure that all tests PASS
:
$ cd python-sdk
$ virtualenv venv
$ . venv/bin/activate
$ pip install -r vulndb/requirements-dev.txt
$ nosetests vulndb/
..........
----------------------------------------------------------------------
Ran 10 tests in 0.355s
OK
This package embeds the vulnerability database in the vulndb/db/
directory. To update the database with new information follow these steps:
# Update the database
tools/update-db.sh
After updating the database it's a good idea to publish the latest at pypi
using:
rm -rf dist/
python setup.py sdist bdist_wheel
twine check dist/*
twine upload dist/*