-
Notifications
You must be signed in to change notification settings - Fork 22
/
api_sample.py
executable file
·151 lines (111 loc) · 3.66 KB
/
api_sample.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
#!/usr/bin/env python3
# API Python wrapper for The Vulnerability & Threat Intelligence Feed Service
# Copyright (C) 2013 - 2022 vFeed, Inc. - https://vfeed.io
import json
cve = "CVE-2017-5715"
# loading a vulnerability information
from core.Information import Information
info = Information(cve).get_info()
# printing the response (by default in JSON)
print(info)
# now printing only Idenfitier or any other specific key
# first we load the response with json.loads
info = json.loads(info)
# Access to key values.
for key in info['description']:
for source in key:
values = key[source]
if "id" in source:
print(values)
if "parameters" in source:
print(values['published'])
print(values['modified'])
print(values['summary'])
# now we load the references
reference = Information(cve).get_references()
print(reference)
reference = json.loads(reference)
for i in range(0, len(reference['references'])):
print("The vendor and his url ({}) = ({})".format(reference['references'][i]['vendor'],
reference['references'][i]['url']))
# loading a vulnerability targets
from core.Classification import Classification
cve = "CVE-2017-0199"
targets = Classification(cve).get_targets()
print(targets)
targets = json.loads(targets)
# looking for a specific target CPE Windows server 2012
print(targets)
# for i in range(0, len(targets['targets'])):
#
# if "cpe:/o:microsoft:windows_server_2012:" in targets['targets'][i]['parameters']['cpe2.2']:
# print(targets['targets'][i]['title'])
# print(targets['targets'][i]['cpe2.2'])
# print(targets['targets'][i]['cpe2.3'])
# loading a vulnerability weakeness
weaknesses = Classification(cve).get_weaknesses()
print(weaknesses)
# loading affected packages
cve = "CVE-2018-14774"
packages = Classification(cve).get_packages()
print(packages)
# loading a vulnerability exploits
from core.Exploitation import Exploitation
cve = "CVE-2017-0199"
exploits = Exploitation(cve).get_exploits()
# printing the response (by default in JSON)
print(exploits)
# doing something more complicated ;)
# extracting exploit source, exploit id and exploit file
data = json.loads(exploits)
# here is the loop to use
for key in data['exploitation']:
for source in key:
print("--------")
print(source)
values = key[source]
for value in values:
print(value['id'])
params = value['parameters']
print(params['file'])
# Enumerating only preventive info (bugs, fixes ....)
from core.Defense import Preventive
cve = "CVE-2017-5638"
advisory = Preventive(cve).get_advisory()
print(advisory)
# loading a vulnerability patching / packages
from core.Defense import Preventive
cve = "CVE-2011-3597"
patches = Preventive(cve).get_patches()
print(patches)
# Listing only detective (IPS, IDS rules + other cool sources)
from core.Defense import Detective
cve = "CVE-2017-5638"
rules = Detective(cve).get_rules()
print(rules)
# Now lets do both
from core.Defense import Defense
cve = "CVE-2017-5638"
defense_data = Defense(cve).get_all()
print(defense_data)
# exporting to json
cve = "CVE-2017-0199"
from core.Export import Export
Export(cve).dump_json()
# search module
from lib.Search import Search
# search a CPE 2.2
cpe = "cpe:/a:apache:tomcat:7.0.5"
print(Search(cpe).search_cpe())
# search a CPE 2.3
cpe = "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*"
print(Search(cpe).search_cpe())
# search a cve
cve = "cve-2017-3100"
print(Search(cve).search_cve())
# search a cwe
cwe = "cwe-89"
print(Search(cwe).search_cwe())
# update module
from lib.Update import Update
Update().update()