
cli's Introduction


The VulnCheck CLI

vulncheck provides access to the VulnCheck API from the command line. It brings index browsing, backup management, and vulnerability scanning to the terminal.


Installation

Provided install scripts

You can easily install vulncheck using an install script. Choose the script and method that match your operating system:

Note

The installation script may require administrator privileges to install vulncheck system-wide. You may be prompted for your password during the installation process.

macOS and Linux

Open a terminal and run the following command:

curl -sSL https://raw.githubusercontent.com/vulncheck-oss/cli/main/install.sh | bash
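Because the one-liner above runs whatever the mutable `main` branch serves at that moment, a reviewed copy can be pinned by digest first. This is an added example, not part of the VulnCheck project's documentation; the function names and the `EXPECTED_SHA256` placeholder are assumptions, and the digest is one you record yourself after reading the script.

```shell
#!/usr/bin/env bash
# Added example: fetch, verify, then run, instead of piping curl into bash.
# INSTALL_URL is the URL from this README. EXPECTED_SHA256 is a placeholder:
# record the real digest yourself after reviewing a downloaded copy.
INSTALL_URL="https://raw.githubusercontent.com/vulncheck-oss/cli/main/install.sh"
EXPECTED_SHA256="REPLACE_WITH_DIGEST_YOU_RECORDED_AFTER_REVIEW"

# Print the SHA-256 of a file as lowercase hex (GNU coreutils or macOS shasum).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Return 0 only if the file is non-empty and matches the expected digest.
verify_script() {
  local file="$1" expected actual
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ -s "$file" ] || { echo "missing or empty: $file" >&2; return 1; }
  # Reject anything that is not a 64-character hex digest (e.g. the placeholder).
  case "$expected" in
    *[!0-9a-f]*) echo "expected digest is not hex" >&2; return 1 ;;
  esac
  [ "${#expected}" -eq 64 ] || { echo "expected digest has wrong length" >&2; return 1; }
  actual=$(sha256_of "$file") || return 1
  if [ "$actual" != "$expected" ]; then
    echo "digest mismatch: got $actual" >&2
    return 1
  fi
}

# Download to a temp file over HTTPS only; nothing executes on a failed check.
install_verified() {
  local tmp rc
  tmp=$(mktemp) || return 1
  if curl --fail --silent --show-error --location --proto '=https' --tlsv1.2 \
       -o "$tmp" "$INSTALL_URL" && verify_script "$tmp" "$EXPECTED_SHA256"; then
    bash "$tmp"; rc=$?
  else
    rc=1
  fi
  rm -f "$tmp"
  return "$rc"
}

# Run the installer only when asked to, e.g. `bash verify-install.sh --run`.
if [ "${1:-}" = "--run" ]; then install_verified; fi
```

A mismatch after an upstream change is expected: review the new script and record its digest before running it.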

Windows

Option 1: Using PowerShell

Open PowerShell and run:

iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/vulncheck-oss/cli/main/install.ps1'))

vulncheck binaries are also available for macOS, Linux, and Windows. You can download precompiled binaries from our releases page.

Note

Support for package managers is coming soon.

Configuration

  • Run vulncheck auth login to authenticate with your VulnCheck account.
  • Alternatively, vulncheck will respect the VC_TOKEN environment variable.
  • vulncheck auth by itself will show other options like checking your status and logging out.

Available commands

Browse/list indices

You can browse all available indices interactively or output them as a list.

vulncheck indices browse|list <search> [flags]

You can search for a specific index by passing a search term.

Tip

Pressing [Enter] on an index while browsing will begin browsing that particular index.

Flags (list only)

Flag Description
--json Output the list of indices in JSON format.

Browse/list an index

You can browse the contents of any index interactively or output some as JSON.

vulncheck index browse|list <index> [flags]

Flags

Flag Type Description
--alias string Alias
--asn string Asn
--botnet string Botnet
--country string Country
--countrycode string CountryCode
--cursor string Cursor
--cve string Cve
--hostname string Hostname
--iava string Iava
--id string ID
--lastmodenddate string LastModEndDate
--lastmodstartdate string LastModStartDate
--limit string Limit
--mispid string MispId
--mitreid string MitreId
--nextcursor string NextCursor
--order string Order
--page string Page
--prevcursor string PrevCursor
--pubenddate string PubEndDate
--pubstartdate string PubStartDate
--ransomware string Ransomware
--sort string Sort
--threatactor string ThreatActor
--help Show help for command

Download a backup

Download a backup of a specified index, either interactively or by retrieving a signed temporary URL.

vulncheck backup download|url <index>

Flags (url only)

Flag Description
--json Output the download URL in JSON format.

Request vulnerabilities related to a CPE

Based on the specified CPE (Common Platform Enumeration) URI string, this command will return a list of vulnerabilities that are related to the package. We support v2.2 and v2.3.

vulncheck cpe <cpe>

Request vulnerabilities related to a PURL

Based on the specified PURL, this command will return a list of vulnerabilities that are related to the package. You can find a list of supported package managers here.

vulncheck purl <purl>

Scan a repository for vulnerabilities

This command will scan a directory for traces of packages by generating an SBOM and then check for vulnerabilities.

vulncheck scan <path> [flags]

Flags

Flag Description
-f Save scan results to output.json

Tip

Looking to plug this into your GitHub repository? Check out our own Action.

cli's Issues

Rename binary from vci to vulncheck

  • look and find/replace all cases of vci to vulncheck
  • change alias issue to point vci -> vulncheck
  • test all scripts/namespace/etc with the new namespace
  • re-do PR to brew with the updated formula once other repo stipulations are met

[BUG] lower case cvef or --cve errors

Is there an existing issue for this?

  • I have searched the existing issues

What happened?

--cve cve-xx-xxx breaks while --cve CVE-xx-xxxx works fine

Expected Behavior

No response

Steps To Reproduce

No response

Which operating system were you on?

None

Anything else?

No response

[FEATURE] add token functionality

Is there an existing issue for this?

  • I have searched the existing issues

Issue / Request Related to a Problem?

  • wait for SDK to support endpoints and upgrade
  • token command shows all subcommands w/ detail and examples
  • list tokens showing portions of the token and other detail
  • delete a token
  • create a token - prompt to show the token temporarily w/ instructions to copy/etc
  • look into other features to ease the injection of tokens

Solution

No response

Additional Context

No response

[BUG] queryParameters should not SetString on empty values

Is there an existing issue for this?

  • I have searched the existing issues

What happened?

No response

Expected Behavior

No response

Steps To Reproduce

No response

Which operating system were you on?

None

Anything else?

No response

[FEATURE] Add support for PDNS

Is there an existing issue for this?

  • I have searched the existing issues

Issue / Request Related to a Problem?

No response

Solution

  • Step 1
  • Step 2
  • Step 3

Additional Context

No response

Get a starting formula PR'ed to the homebrew core repo

class Vci < Formula
  desc "VulnCheck command-line tool"
  homepage "https://github.com/vulncheck-oss/cli"
  url "https://github.com/vulncheck-oss/cli/archive/refs/tags/v0.4.2.tar.gz"
  sha256 "d06798ef8321c08835c9370fbe4545ecf0eb5c9b21cbc7db3f6e090ce34fafd7"
  license "Apache-2.0"

  head "https://github.com/vulncheck-oss/cli.git", branch: "main"

  livecheck do
    url :stable
    strategy :github_latest
  end

  depends_on "go" => :build

  deny_network_access! [:postinstall, :test]

  def install
    with_env(
      "VC_VERSION" => version.to_s,
      "GO_LDFLAGS" => "-s -w -X main.updaterEnabled=vulncheck-oss/cli",
    ) do
      system "make", "bin/vci", "manpages"
    end
    bin.install "bin/vci"
    generate_completions_from_executable(bin/"vci", "completion")
  end

  test do
    assert_match "vci version #{version}", shell_output("#{bin}/vci version")
    assert_match "View indices", shell_output("#{bin}/vci indices 2>&1")
    assert_match "Browse or list an index", shell_output("#{bin}/vci index 2>&1")
  end
end

https://docs.brew.sh/Adding-Software-to-Homebrew#formulae

[BUG] vci auth login web does not work with Safari - blocks non-HTTPS even if it's localhost

Is there an existing issue for this?

  • I have searched the existing issues

What happened?

Safari blocks non-HTTPS traffic even if it's localhost.

https://stackoverflow.com/questions/46394682/safari-keeps-forcing-https-on-localhost

Expected Behavior

allow non-HTTPS from localhost since it's not really remote

Steps To Reproduce

No response

Which operating system were you on?

Mac

Anything else?

possible fixes

  • add copy to warn that this does not work (non-breaking)
  • look into shipping the CLI with its own cert/key so that it can serve properly over https ( breaking )

Check for new releases and inform if a new one exists

Write a package that compares the local version of the CLI, the current latest, and if they are different, show off that a new version is available.

A new release of vci is available: 2.42.1 -> 2.60.0

  • detect what package manager was used to install the cli
  • show an example of how to update the cli w/ that package manager

[FEATURE] Add support for ipintel kind query parameter

Is there an existing issue for this?

  • I have searched the existing issues

Issue / Request Related to a Problem?

The ability to filter on kind has been added to ipintel indices and would be nice to add to the cli. I am not sure if there is more to the solution than the sdk bits + bumping sdk.

Solution

  • Add to sdk
  • Bump sdk in cli

Additional Context

No response

[BUG] OSX default terminal not showing colors

Is there an existing issue for this?

  • I have searched the existing issues

What happened?

No response

Expected Behavior

No response

Steps To Reproduce

No response

Which operating system were you on?

Mac

Anything else?

No response

[BUG] crash in windows with index list

Is there an existing issue for this?

  • I have searched the existing issues

What happened?

No response

Expected Behavior

No response

Steps To Reproduce

No response

Which operating system were you on?

None

Anything else?

No response

[BUG] Download Complete - Load Bar

Is there an existing issue for this?

  • I have searched the existing issues

What happened?

When I downloaded the exploits backup, the load bar does not complete even though the backup completed successfully.

Expected Behavior

The download bar should complete

Steps To Reproduce

  1. Run vci backup download exploits

Which operating system were you on?

None

Anything else?

No response

[FEATURE] Add Flags for Listing Index to show Meta data

Is there an existing issue for this?

  • I have searched the existing issues

Issue / Request Related to a Problem?

When listing an index we don't show the meta, so for something like using pagination/cursor the user would not know the values.

Solution

  • Step 1
  • Step 2
  • Step 3

Additional Context

No response
