GithubHelp home page GithubHelp logo

cvlabsio / cvetrends Goto Github PK

View Code? Open in Web Editor NEW

This project forked from sprocket-security/cvetrends

0.0 0.0 0.0 29 KB

cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com

License: BSD 3-Clause "New" or "Revised" License

Python 100.00%

cvetrends's Introduction

cvet

02082022_12 53-000469



cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com.

Find out more information at our blog.

Installation / Usage



Installation

cvet can be installed from PyPi using the following command:

pipx install cvetrends

If this tool is not yet availible via PyPi, you can install it directly from the repository using:

git clone https://github.com/Sprocket-Security/cvetrends.git
cd cvetrends && pip3 install .

For development, clone the repository and install it locally using poetry.

git clone https://github.com/Sprocket-Security/cvetrends.git && cd cvetrends
poetry shell 
poetry install

Usage

The cvet help menu is shown below:

 Usage: cvet [OPTIONS] [[day|week]]                                                                                              
                                                                                                                                 
 cvetrends.com CLI                                                                                                               
                                                                                                                                 
╭─ Arguments ───────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ TIME_FRAME    [[day|week]]                                                                                                    │
╰───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
╭─ Options ─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ --notify          -n   TEXT     Slack webhook to notify on run                                                                │
│ --repo-threshold  -rt  INTEGER  Number of repos needed to show CVE. [default: 1]                                              │
│ --help            -h            Show this message and exit.                                                                   │
╰───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯

cvet can query time frames of 24 hours or 7 days using a value of day or week. The default is day.

cvet week

Results are returned in a pretty table format and only vulnerabilities that have more than -rt PoC GitHub repos published are shown. The default is 1.

cvet day -rt 2

cvet also allows you to specify a Slack webhook to notify on run using the -n or --notify flag. This is useful if you want to be notified of new vulnerabilities and run this tool on a cron.

cvet -n https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX -rt 2

An example Slack notification is shown below:

02082022_12 54-000470

cvetrends's People

Contributors

puzzlepeaches avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.