patrowl / patrowlhears Goto Github PK
View Code? Open in Web Editor NEWPatrowlHears - Vulnerability Intelligence Center / Exploits
Home Page: https://patrowlhears.io
License: GNU Affero General Public License v3.0
PatrowlHears - Vulnerability Intelligence Center / Exploits
Home Page: https://patrowlhears.io
License: GNU Affero General Public License v3.0
the default accounts are not being accepted when installing using installation script, is there any way to reset the password from console?
Vulnerabilities search (/vulns): Add a quick filter button on monitored assets
Test with CVE-2019-7821
Hi team,
When following instructions, i have the following error with a simple docker-compose up:
TypeError: 'Meta.fields' must not contain non-model field names: search, monitored, exploit_count__gt, exploit_count__gte, exploit_count__lt, exploit_count__lte
It seems that the docker is not mounting properly, I tried to give more resources to the docker daemon but nothing changes.
Thanks
Does it planned to have CVSS 3.0 support ? actually, I just see CVSS2.0 ?
Enable alerting to TheHive (manual and auto)
Hi,
since few days, I have this error:
[+] (Re-)Start Supervisord (Celery workers)
Shut down
celery-hears-workers:celery-hears-alerts BACKOFF Exited too quickly (process log may have details)
celery-hears-workers:celery-hears-beat BACKOFF Exited too quickly (process log may have details)
celery-hears-workers:celery-hears-data1 BACKOFF Exited too quickly (process log may have details)
celery-hears-workers:celery-hears-data2 BACKOFF Exited too quickly (process log may have details)
celery-hears-workers:celery-hears-data3 BACKOFF Exited too quickly (process log may have details)
celery-hears-workers:celery-hears-default BACKOFF Exited too quickly (process log may have details)
[+] Starting backend server (Gunicorn) on 127.0.0.1:8303
[+] Starting WEB server (nginx) on 127.0.0.1:8383
[+] Restart finished.
In logs:
Error:
Unable to load celery application.
Module 'backend_app' has no attribute 'celery'
Error:
Unable to load celery application.
Module 'backend_app' has no attribute 'celery'
Any idea?
Thanks
Antonin
[Alerts] Send alert with criteria (CVSS score > x, has exploits, ...)
Add a field to indicate if the vuln is "fixed", "not concerned", ... in order to no longer have irrelevant information
Search: paginate results
Hi! I have problem to send alert to slack
I tried configuring the 'backend_app/backend_app/settings.py' the api-token and the webhook by the GUI 'Slack alerting' but the alert does not arrive on slack channel
Also probe generate this task via api so that it sends via slack the alert but it does not arrive
Thank you very much for sharing this project with the community.
SSO Authentication (ADFS/LDAP/OAuth)
Organization selection: modal and paginated results
OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source maintainers and consumers of open source.
This feed contains vulnerabilities from OSS-Fuzz (mostly C/C++), Python, and Go, and DWF.
User management feature: activate/desactivate user
Hello,
is there a way to modify/update Org and User informations (email, name of the org...), and to modify some permission?
I'm using the Community Edition.
Congrats for the amaizing job.
Antonin
When running the install.sh script I'm getting the following errors:
ERROR: Cannot install -r requirements.txt (line 17) and asgiref==3.2.3 because these package versions have conflicting dependencies.
The conflict is caused by:
The user requested asgiref==3.2.3
django 3.1.6 depends on asgiref<4 and >=3.2.10
To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip attempt to solve the dependency conflict
ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/user_guide/#fixing-conflicting-dependencies
[+] Collect static files
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
[+] Make database migrations
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
[+] Apply database migrations
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
[+] Create default admin user if needed
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
[+] Create default admin private organization if needed
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
[+] (Re-)Start Supervisord (Celery workers)
./install.sh: line 101: supervisorctl: command not found
./install.sh: line 103: supervisord: command not found
./install.sh: line 105: supervisorctl: command not found
[+] Starting backend server (Gunicorn) on 127.0.0.1:8303
./install.sh: line 109: gunicorn: command not found
[+] Starting WEB server (nginx) on 127.0.0.1:8383
[+] Load initial DB data
Using dump dir: var/data
/tmp/ci-I7oYpNqIxY
./
./HistoricalExploitMetadata.json
./Vuln.json
./HistoricalThreatMetadata.json
./HistoricalVuln.json
./Package.json
./Vendor.json
./ThreatMetadata.json
./CWE.json
./PackageType.json
./ExploitMetadata.json
./CVE.json
./Product.json
./CPE.json
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
[+] Fetch and load latest DB updates from public repos
Using tmp dir: /tmp/ci-aaxq5ndwRG
[+] Download and untar the latest release of PatrowlHearsData
--2021-04-07 12:51:38-- https://github.com/Patrowl/PatrowlHearsData/archive/2021-04-07.tar.gz
Resolving github.com (github.com)... 140.82.121.4
Connecting to github.com (github.com)|140.82.121.4|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/Patrowl/PatrowlHearsData/tar.gz/2021-04-07 [following]
--2021-04-07 12:51:38-- https://codeload.github.com/Patrowl/PatrowlHearsData/tar.gz/2021-04-07
Resolving codeload.github.com (codeload.github.com)... 140.82.121.10
Connecting to codeload.github.com (codeload.github.com)|140.82.121.10|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘/tmp/ci-aaxq5ndwRG/2021-04-07.tar.gz’
2021-04-07.tar.gz [ <=> ] 99.02M 5.54MB/s in 19s
2021-04-07 12:51:58 (5.16 MB/s) - ‘/tmp/ci-aaxq5ndwRG/2021-04-07.tar.gz’ saved [103825480]
[+] Untar archive
[i] Last update:
[+] Import data (diff from base)
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
Traceback (most recent call last):
File "manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "manage.py", line 21, in <module>
main()
File "manage.py", line 16, in main
) from exc
ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment?
I am running it on a Ubuntu 18.04 VM in VirtualBox
There is 2 problems noticed after a few tests :
When trying to play with the Try it out on the swagger, I got an unexcpeted error.
This seem that the swagger doesnt take care of the port where running the patr0wlHears
I launch the docker on the 8383 port, and when try to fetch I got in the swagger extract :
Request URL
http://xxx.xxxx.xxx.xxx/api/alerts/
and not
Request URL
http://xxx.xxxx.xxx.xxx:8383/api/alerts/
as said in : https://stackoverflow.com/a/59457975/4086042
this seem to be a configuration error
2.It's not possible to try with a API Key
http://localhost:8080/#/monitoring
No button available to quickly remove monitored vendors, products and vulnerabilities
Implement import/export features supporting JSON and CSV format
Alerting: Add test mail button
Hello,
I was trying to figure out another way of fixing #71 so I went into the "frontend" folder and did an "npm install"
That failed with the following output:
root@ubuntu-server:~/PatrowlHears/frontend# npm install
loadDevDep:vuetify-loader ▄ ╢█████████████████████████████████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
npm WARN deprecated [email protected]: babel-eslint is now @babel/eslint-parser. This package will no longer receive updates.
npm WARN deprecated [email protected]: This loader has been deprecated. Please use eslint-webpack-plugin
npm WARN deprecated [email protected]: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated @hapi/[email protected]: Switch to 'npm install joi'
npm WARN deprecated @hapi/[email protected]: Moved to 'npm install @sideway/address'
npm WARN deprecated @hapi/[email protected]: This version has been deprecated and is no longer supported or maintained
npm WARN deprecated @hapi/[email protected]: This version has been deprecated and is no longer supported or maintained
npm WARN deprecated @hapi/[email protected]: This version has been deprecated and is no longer supported or maintained
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated [email protected]: Please see https://github.com/lydell/urix#deprecated
loadDep:chalk → resolveWi ▄ ╢█████████████████████████████████████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
loadDep:through → addName ▐ ╢█████████████████████████████████████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
loadDep:ansi-escapes ▀ ╢█████████████████████████████████████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
loadDep:fsevents → addNam ▄ ╢██████████████████████████████████████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
npm WARN deprecated [email protected]: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
loadDep:webpack-merge → g ▌ ╢████████████████████████████████████████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
loadDep:webpack-merge → r ▐ ╢████████████████████████████████████████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
npm WARN deprecated [email protected]: 3.x is no longer supported
npm ERR! Linux 4.15.0-140-generic
npm ERR! argv "/usr/bin/node" "/usr/bin/npm" "install"
npm ERR! node v8.10.0
npm ERR! npm v3.5.2
npm ERR! code EMISSINGARG
npm ERR! typeerror Error: Missing required argument #1
npm ERR! typeerror at andLogAndFinish (/usr/share/npm/lib/fetch-package-metadata.js:31:3)
npm ERR! typeerror at fetchPackageMetadata (/usr/share/npm/lib/fetch-package-metadata.js:51:22)
npm ERR! typeerror at resolveWithNewModule (/usr/share/npm/lib/install/deps.js:456:12)
npm ERR! typeerror at /usr/share/npm/lib/install/deps.js:457:7
npm ERR! typeerror at /usr/share/npm/node_modules/iferr/index.js:13:50
npm ERR! typeerror at /usr/share/npm/lib/fetch-package-metadata.js:37:12
npm ERR! typeerror at addRequestedAndFinish (/usr/share/npm/lib/fetch-package-metadata.js:82:5)
npm ERR! typeerror at returnAndAddMetadata (/usr/share/npm/lib/fetch-package-metadata.js:117:7)
npm ERR! typeerror at pickVersionFromRegistryDocument (/usr/share/npm/lib/fetch-package-metadata.js:134:20)
npm ERR! typeerror at /usr/share/npm/node_modules/iferr/index.js:13:50
npm ERR! typeerror This is an error with npm itself. Please report this error at:
npm ERR! typeerror <http://github.com/npm/npm/issues>
npm ERR! Please include the following file with any support request:
npm ERR! /root/PatrowlHears/frontend/npm-debug.log
I know NPM says this is an issue with NPM itself but seeing as it's a missing argument error I think that's not the case.
Forgot password / Renew feature
Some CPEs are not visible within the Paltrow dashboard (eg CVE-2021-23988).
By checking the import log there are no CPEs, but Patrowl still manages to categorize the CVE through "vendor: technology" (as if it were aware of the CPE).
By searching for the CVE on the NIST website, the information relating to the CPEs is correctly visible.
Having the ability to import lists of various things to be monitored via a standard format e.g. JSON, would be extremely beneficial. Rather than scrolling through the lists and/or having to manually add them on the backend, this would be much more convenient.
Support custom emails templates
In Settings / Orgs + Users
When editing a user and clicking "renew password", a new password is displayed.
When the window is closed and another user is edited, the same password is still displayed.
I'd love, if you could put the PatrowlHears Docker image on DockerHub.
Thanks in advance!
Add metrics on monitored assets in the homepage and add a direct link to the monitored assets (/monitoring)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.