-
Notifications
You must be signed in to change notification settings - Fork 20
Expand file tree
/
Copy pathpyvfeed.py
More file actions
executable file
·128 lines (107 loc) · 4.38 KB
/
pyvfeed.py
File metadata and controls
executable file
·128 lines (107 loc) · 4.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
#!/usr/bin/env python3
# API Python wrapper for The Vulnerability & Threat Intelligence Feed Service
# Copyright (C) 2013 - 2022 vFeed, Inc. - https://vfeed.io
import sys
import argparse
import importlib
sys.path.append("..")
try:
from core.Risk import Risk
from lib.Update import Update
from lib.Search import Search
from lib.Lang import Lang
from lib.Pkgs import Pkgs
from core.Export import Export
from core.Defense import Defense
from lib.Version import APIversion
from common import utils as utility
from core.Inspection import Inspection
from core.Information import Information
from core.Exploitation import Exploitation
from core.Classification import Classification
except ImportError as e:
module = str(e).split("'")
response = utility.serialize_error(False, module[1], module[0])
sys.exit(response)
if __name__ == "__main__":
parser = argparse.ArgumentParser()
parser.add_argument("--version", help="API info", action="store_true", required=False)
parser.add_argument("--update", help="Database update", action="store_true", required=False)
parser.add_argument("--information", metavar="CVE, CPE", type=str, help="Get information data",
nargs=1)
parser.add_argument("--classification", metavar="CVE, CPE", type=str, help="Get classification data",
nargs=1)
parser.add_argument("--risk", metavar="CVE, CPE", type=str, help="Get risk data",
nargs=1)
parser.add_argument("--inspection", metavar="CVE, CPE", type=str, help="Get Vulnerability testing data",
nargs=1)
parser.add_argument("--exploitation", metavar="CVE, CPE", type=str, help="Get exploits and PoCs data",
nargs=1)
parser.add_argument("--defense", metavar="CVE, CPE", type=str, help="Get detective, reactive & preventive data",
nargs=1)
parser.add_argument("--search", metavar="cve|cpe|cwe", type=str,
help="Search for CVE, CPE2.2 | CPE2.3 or CWE",
nargs=2)
parser.add_argument("--lang", metavar="cpp | python | javascript | golang", type=str,
help="List language vulnerabilities",
nargs=1)
parser.add_argument("--pkgs", metavar="<pkg> [version]", type=str,
help="List affected packages (CPE) vulnerabilities for given package/versions",
nargs="+")
parser.add_argument("--export", metavar="CVE, CPE", type=str, help="Export all metadata to JSON file",
nargs=1)
parser.add_argument("--plugin", metavar="Plugin name", type=str, help="Load third party plugins",
nargs=2)
args = parser.parse_args()
if args.version:
ver = APIversion()
print(ver.api_all_info())
if args.update:
update = Update()
update.update()
if args.information:
id = args.information[0]
print(Information(id).get_all())
if args.classification:
id = args.classification[0]
from core.Classification import Classification
#print(Classification(id).get_packages())
print(Classification(id).get_all())
if args.risk:
id = args.risk[0]
print(Risk(id).get_risk())
if args.inspection:
id = args.inspection[0]
print(Inspection(id).get_all())
if args.exploitation:
id = args.exploitation[0]
print(Exploitation(id).get_exploits())
if args.defense:
id = args.defense[0]
print(Defense(id).get_all())
if args.export:
id = args.export[0]
Export(id).dump_json()
# Export(id).dump_yaml()
if args.search:
type = args.search[0]
type = str.join('_', ("search", type))
id = args.search[1]
result = getattr(Search(id), type)
print(result())
# language vulns
if args.lang:
id = args.lang[0]
print(Lang(id).search_lang())
# pkgs affected vuln
if args.pkgs:
id = args.pkgs[0]
print(Pkgs(id).search_pkgs())
if args.plugin:
plg_name = args.plugin[0]
target = args.plugin[1]
module = str.join('.', ('plugins', plg_name, 'api'))
api_class = getattr(importlib.import_module(module), "api")
api_class().test()
if len(sys.argv) < 2:
parser.print_help()