andreyglauzer / vulnalert

This script searches NVD's website for new CVEs and alerts you by email or Telegram. You can configure a list of products that interest you or receive alerts for all vulnerabilities.

Python 85.00% HTML 15.00%

vulnalert's Introduction

Hi there 👋

Cyber Threat Intelligence Analyst

Currently working as a Threat Intelligence Analyst, heavily using:

  • Reverse Engineering (IDA-Pro, OllyDbg, x64(x32)dbg, Ghidra);
  • Tracking Malware (AZORult - Baldr - Predator - MIRAI - ZeuS - Pony - Loki - Ransomware);
  • MITRE ATT&CK;
  • MISP;
  • The Hive/Cortex;
  • Elastic;
  • A lot of Python.

Telegram: https://t.me/andreyglauzer

Linkedin: https://www.linkedin.com/in/andreyglauzer

vulnalert's Issues

Don't Start Bot

Hello,
I have this problem on start:

[2021-08-30 10:27:47] - INFO - Downloading the items in the url https://services.nvd.nist.gov/rest/json/cves/1.0?pubStartDate=2021-08-30T00:00:00:000 UTC-03:00
[2021-08-30 10:27:50] - INFO - Downloading the items in the url https://services.nvd.nist.gov/rest/json/cves/1.0?pubStartDate=2021-08-30T00:00:00:000 UTC-03:00
[2021-08-30 10:27:52] - INFO - Downloading the items in the url https://services.nvd.nist.gov/rest/json/cves/1.0?pubStartDate=2021-08-30T00:00:00:000 UTC-03:00
Traceback (most recent call last):
  File "VulnAlert.py", line 124, in <module>
    VulnAlert()
  File "VulnAlert.py", line 56, in __init__
    Ingestor(args).start
  File "VulnAlert.py", line 119, in start
    telegram).start
  File "/VulnAlert/engines/vulnerability/cve.py", line 74, in start
    self.cveinfo(requests.get(url).json(), url)
  File "/VulnAlert/engines/vulnerability/cve.py", line 126, in cveinfo
    vendor = info['configurations']['nodes'][0]['children'][0]['cpe_match'][0]['cpe23Uri'].split(':')[
IndexError: list index out of range

python --version
Python 3.7.5
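
The lookup in the traceback above indexes `nodes[0]`, `children[0]` and `cpe_match[0]` in one chain, so any empty list along that path raises IndexError. The following is an added example, not the project's code, that walks the `configurations` tree at any depth instead; the function names are hypothetical and the sample items are constructed, not real NVD records.

```python
import re
from typing import Iterator, List, Set, Tuple

# Split on ':' but not on the escaped '\:' that CPE 2.3 allows inside a field.
_FIELD_SEP = re.compile(r"(?<!\\):")


def iter_cpe_uris(nodes: List[dict]) -> Iterator[str]:
    """Yield every cpe23Uri under a list of configuration nodes, at any depth."""
    for node in nodes or []:
        for match in node.get("cpe_match") or []:
            uri = match.get("cpe23Uri")
            if uri:
                yield uri
        # Nested groups live under "children"; the key may be missing or empty.
        yield from iter_cpe_uris(node.get("children") or [])


def vendors_products(info: dict) -> Set[Tuple[str, str]]:
    """Return the (vendor, product) pairs of one CVE item, or an empty set."""
    nodes = (info.get("configurations") or {}).get("nodes") or []
    pairs = set()
    for uri in iter_cpe_uris(nodes):
        # Layout: cpe:2.3:<part>:<vendor>:<product>:<version>:...
        fields = _FIELD_SEP.split(uri)
        if len(fields) >= 5 and fields[:2] == ["cpe", "2.3"]:
            pairs.add((fields[3], fields[4]))
    return pairs


# Constructed sample items. FLAT has matches on the node itself and no
# children, so the chained lookup from the traceback fails at children[0].
FLAT = {"configurations": {"nodes": [
    {"operator": "OR", "children": [], "cpe_match": [
        {"cpe23Uri": "cpe:2.3:a:examplevendor:exampleapp:1.0:*:*:*:*:*:*:*"}]}]}}
NESTED = {"configurations": {"nodes": [
    {"operator": "AND", "cpe_match": [], "children": [
        {"operator": "OR", "cpe_match": [
            {"cpe23Uri": "cpe:2.3:o:examplevendor:examplefw:2.1:*:*:*:*:*:*:*"}]},
        {"operator": "OR", "cpe_match": [
            {"cpe23Uri": "cpe:2.3:h:examplevendor:examplebox:-:*:*:*:*:*:*:*"}]}]}]}}
EMPTY = {"configurations": {"nodes": []}}  # item with no configuration nodes

if __name__ == "__main__":
    for name, item in (("flat", FLAT), ("nested", NESTED), ("empty", EMPTY)):
        print(name, sorted(vendors_products(item)))
```

An item that yields an empty set can still be alerted on by CVE id alone rather than aborting the whole run.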

Telegram Notification Error. [CVE-2019-15562 rejected or is still in dispute]

Hi,
First, I want to thank you for uploading a new version. There might still be a problem that I face while running the script, as follows:

After configuring config/config.yml to:

general:
  database:
    name: 'db.db'
    path: 'database/'
  proxy:
    active: False
    ip: "0.0.0.0"
    port: 50
  emails:
    smtp: "0.0.0.0"
    sender: "[email protected]"
    port: 25

cve:
  email:
    active: False
    to:
      - "[email protected]"
    template: "config/template.html"
  telegram:
    active: True
    token: "171xxxx279:AAHxxxx1YYaGCTf2Ag0qSq8gO_SDHc"
    chat: "227451284" 
    template: "config/telegram.md"
  vendor:
    active: True
  type: "Vulnerability"
  app: "NVD"
  mitre: None
.
.

and running python3 VulnAlert.py --config config/config.yml --engine cve

I got:


[2021-03-21 15:59:04] - INFO - CVE
[2021-03-21 15:59:04] - INFO - Start Engine
[2021-03-21 15:59:04] - INFO - Validating the database/db.db data file to continue.
[2021-03-21 15:59:04] - INFO - Starting CVE search process
[2021-03-21 15:59:04] - INFO - Downloading the items in the url https://services.nvd.nist.gov/rest/json/cves/1.0?modStartDate=2021-03-21T00:00:00:000 UTC-03:00
[2021-03-21 15:59:05] - INFO - Downloading the items in the url https://services.nvd.nist.gov/rest/json/cves/1.0?modStartDate=2021-03-20T00:00:00:000 UTC-03:00
[2021-03-21 15:59:06] - INFO - Downloading the items in the url https://services.nvd.nist.gov/rest/json/cves/1.0?pubStartDate=2021-03-21T00:00:00:000 UTC-03:00
[2021-03-21 15:59:07] - INFO - Downloading the items in the url https://services.nvd.nist.gov/rest/json/cves/1.0?pubStartDate=2021-03-20T00:00:00:000 UTC-03:00
[2021-03-21 15:59:08] - INFO - Downloading the items in the url https://services.nvd.nist.gov/rest/json/cves/1.0?pubStartDate=2021-03-20T00:00:00:000 UTC-03:00
[2021-03-21 15:59:11] - ERROR - CVE CVE-2019-15562 rejected or is still in dispute.

I tried a couple of things, like:
Playing with the config/config.yml file and changing the template value to a full path, changing the CHAT ID to another one (after checking the ability to send a message with it via the Telegram API), and changing vendor active to False.

The same error happens. Also, when I tried --log DEBUG --log INFO, nothing extra really comes out on stdout.
I also tried without the --engine flag. The result is:

python3 VulnAlert.py --config config/config.yml
[2021-03-21 16:02:51] - INFO - CVE
[2021-03-21 16:02:51] - INFO - Start Engine
[2021-03-21 16:02:51] - INFO - Validating the database/db.db data file to continue

No notification is sent via my bot to my Telegram username ID or group chat ID (after checking the possibility of sending a message through both of them via the Telegram API without problems).

Let me know if there is anything I could provide to solve this problem.

Thank you and have a great day :)

Problem feeds

Very good work! But I can't get it to work!
When I launch the script like this:

./VulnAlert.py -i -c utils/config/config.yml -t Telegram

Traceback (most recent call last):
  File "./VulnAlert.py", line 512, in <module>
    alerts.start
  File "./VulnAlert.py", line 412, in start
    self.download()
  File "./VulnAlert.py", line 494, in download
    loaded = json.loads(data)
  File "/usr/lib/python3.5/json/__init__.py", line 312, in loads
    s.__class__.__name__))
TypeError: the JSON object must be str, not 'bytes'

Could you help me please? What am I doing wrong?

I have Python version 3.5.3.

Thank you!

Traceback Error While running

Hi,

If I run python3 VulnAlert.py -i -c /oneline/VulnAlert/utils/config/config.yml -t Telegram

I receive:

2021-03-21 01:19:51.930 INFO VulnAlert - start: Starting CVE Download Process
2021-03-21 01:19:51.930 INFO VulnAlert - download: Getting CVES
2021-03-21 01:19:51.930 INFO VulnAlert - download: Getting from https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2002.json.zip
Traceback (most recent call last):
  File "VulnAlert.py", line 511, in <module>
    alerts.start
  File "VulnAlert.py", line 411, in start
    self.download()
  File "VulnAlert.py", line 488, in download
    url = urlopen(urls)
  File "/usr/lib/python3.7/urllib/request.py", line 222, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python3.7/urllib/request.py", line 531, in open
    response = meth(req, response)
  File "/usr/lib/python3.7/urllib/request.py", line 641, in http_response
    'http', request, response, code, msg, hdrs)
  File "/usr/lib/python3.7/urllib/request.py", line 569, in error
    return self._call_chain(*args)
  File "/usr/lib/python3.7/urllib/request.py", line 503, in _call_chain
    result = func(*args)
  File "/usr/lib/python3.7/urllib/request.py", line 649, in http_error_default
    raise HTTPError(req.full_url, code, msg, hdrs, fp)
urllib.error.HTTPError: HTTP Error 404: Not Found

My config.yml is something similar to:

database_path: 'utils/'
database_name: 'database.db'
splunk_dir: '/tmp/'
templatemail: 'utils/template/mail.html'
telegram: False
chat_id: 'Chat ID'
token: '17159XXXX:XXXXD91YYaGCTf2Ag0qSq8gO_SDHc'
mail: '[email protected]'
sendermail: '[email protected]'
smtpmail: 'smtp.mail.com'
portmail: 587
passwdmail: 'passwd'
debug: False
score: 5.0

products:
    - name:
        id: 'magento'
