Part of my everyday work is related to the management of vulnerabilities. Thankfully, there are many online sources that provide tons of information.
However, I needed to process them, and assess the ones applicable to our environment, in a place with literally no Internet connection. Getting our info (i.e. vulns affecting us) to an Internet-facing station to check them was not an option. So, I somehow had to download a full CVE database and get it to the place where I needed to process it.
While there are many nice tools suitable for vulnerability assessment in general (commercial as well as open-source), I didn't find anything simple yet effective that could fulfill my aforementioned need. So, I decided to write my own Python script.
Specifically, my goal was:
a. To be able to download from a public reliable source all the known CVEs (NIST NVD was chosen as a source of information - if you have another suggestion, please let me know).
b. Parse them and extract them as a CSV file.
c. Import them into a database (PostgreSQL has been my favourite for a long time now).
And then, cve_manager was born.
It is pretty simple. It only requires Python 3 (and the "psycopg2" and "requests" Python libraries).
Then, using the -d switch, it automatically downloads all the CVEs from NIST NVD.
Using -p -csv, it parses them (after they have been downloaded) and saves them as CSV files.
More info (e.g. how to import them into a database, or even how to perform some simple queries) can be found in its readme. The tool even allows you to automatically create the database schema, truncate it, drop it, etc.
Of course, after importing all this data in a database, you can literally do whatever you want: create complex queries, correlate them with the CVEs that you know are applicable to your environment, etc.
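As an illustration of that correlation step, here is an added example (not part of cve_manager or its schema) that loads a parsed CSV into a database and joins it against a local software inventory. SQLite stands in for PostgreSQL so it runs with the standard library alone; the column names, the CVE identifiers, the inventory and the "*" all-versions convention are constructed assumptions.

```python
import csv
import io
import sqlite3

# Constructed sample rows; column names are assumptions, not cve_manager's schema.
CVE_CSV = """cve_id,vendor,product,version,cvss_score
CVE-0000-0001,examplecorp,webserver,2.4.1,9.8
CVE-0000-0002,examplecorp,webserver,*,5.3
CVE-0000-0003,othervendor,dbengine,11.2,7.5
CVE-0000-0004,examplecorp,mailer,1.0,6.1
"""

# Constructed inventory of what is installed on the isolated network.
INVENTORY = [
    ("ExampleCorp", "WebServer", "2.4.1"),
    ("othervendor", "dbengine", "12.0"),
]


def norm(value):
    """Lower-case and trim so 'ExampleCorp ' matches 'examplecorp'."""
    return value.strip().lower()


def applicable_cves(cve_csv_text, inventory, min_score=0.0):
    """Return (cve_id, product, installed_version, score), highest score first."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE cve (cve_id TEXT, vendor TEXT, product TEXT,"
               " version TEXT, cvss_score REAL)")
    db.execute("CREATE TABLE inventory (vendor TEXT, product TEXT, version TEXT)")
    rows = csv.DictReader(io.StringIO(cve_csv_text))
    db.executemany(
        "INSERT INTO cve VALUES (?, ?, ?, ?, ?)",
        [(r["cve_id"], norm(r["vendor"]), norm(r["product"]),
          norm(r["version"]), float(r["cvss_score"])) for r in rows])
    db.executemany("INSERT INTO inventory VALUES (?, ?, ?)",
                   [tuple(norm(v) for v in item) for item in inventory])
    # '*' in the CVE row means every version of the product is affected.
    query = """
        SELECT c.cve_id, i.product, i.version, c.cvss_score
        FROM cve c JOIN inventory i
          ON c.vendor = i.vendor AND c.product = i.product
         AND (c.version = i.version OR c.version = '*')
        WHERE c.cvss_score >= ?
        ORDER BY c.cvss_score DESC, c.cve_id"""
    result = db.execute(query, (min_score,)).fetchall()
    db.close()
    return result
```

Calling `applicable_cves(CVE_CSV, INVENTORY, min_score=7.0)` narrows the result to the entries worth triaging first.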
You can get this simple cve_manager from here.