script that pulls cve collections from NVD.NIST.GOV.
License
worthingtontech/CVE-Automation-Tool-CAT-
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
CVE Automation Tool (CAT) Python script that allows researchers to aggregate CVEs (with cooresponding CWEs) from NVD.NIST.GOV in order to see trends and filter issues by keywords for differing operating systems, vulnerability types, risk level, and other factors that are relevant to cyber security, whether red or blue team. ### Instructions edit line 8 for amount of days to search backwards from todays date. IE: day = 14 edit line 9 for main API keyword for initial API request IE: apikey = ['Android'] edit line 10 for keywords to parse throught the JSON response keywords = ['Android', 'kernel', 'escalation of privilege', 'remote code execution', 'arbitrary code execution'] ### ### Example Output: { "CVE_data_meta": "CVE-2021-41716", "description": "Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function", "baseScore": 9.8, "vectorSring": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "cweID": "CWE-287", "cweID URL": "https://cwe.mitre.org/data/definitions/CWE-287.html", "references": "http://maharashtra.com", "publishedDate": "2021-12-07T19:15Z", "lastModifiedDate": "2021-12-08T14:48Z" }, Happy Searching!!! Use 'issues' tab for problems, comments, gratitude, or updates. Developers: AP, DJ, BR
About
script that pulls cve collections from NVD.NIST.GOV.
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published