vulnersCom / Api
Licence: gpl-3.0
Vulners Python API wrapper
Stars: ✭ 313
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Api
Arissploit
Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-63.58%)
Mutual labels: database, vulnerability, exploits, vulnerability-detection
Vfeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+163.9%)
Mutual labels: vulnerability, exploits, vulnerability-detection
Securitymanageframwork
Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+20.77%)
Mutual labels: scanner, exploits, vulnerability-detection
quick-scripts
A collection of my quick and dirty scripts for vulnerability POC and detections
Stars: ✭ 73 (-76.68%)
Mutual labels: scanner, vulnerability, vulnerability-detection
Whour
Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-94.25%)
Mutual labels: scanner, vulnerability, vulnerability-detection
NSE-scripts
NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-66.45%)
Mutual labels: scanner, vulnerability, vulnerability-detection
Openvas Scanner
Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (+237.38%)
Mutual labels: scanner, vulnerability, vulnerability-detection
Xunfeng
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+900.32%)
Mutual labels: scanner, exploits, vulnerability-detection
PXXTF
Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-92.65%)
Mutual labels: scanner, exploits
scan-cli-plugin
Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images
Stars: ✭ 135 (-56.87%)
Mutual labels: vulnerability, vulnerability-detection
vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Stars: ✭ 269 (-14.06%)
Mutual labels: vulnerability, vulnerability-detection
CVE-2019-8449
CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-78.91%)
Mutual labels: exploits, vulnerability
log4shell-finder
Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.
Stars: ✭ 22 (-92.97%)
Mutual labels: scanner, vulnerability
raptor infiltrate20
#INFILTRATE20 raptor's party pack
Stars: ✭ 24 (-92.33%)
Mutual labels: exploits, vulnerability
lachesis
👨💻 A work-in-progress web services mass scanner written in Rust
Stars: ✭ 55 (-82.43%)
Mutual labels: scanner, vulnerability
vulnscan
A static binary vulnerability scanner
Stars: ✭ 47 (-84.98%)
Mutual labels: scanner, vulnerability
browserrecon-php
Advanced Web Browser Fingerprinting
Stars: ✭ 29 (-90.73%)
Mutual labels: vulnerability, vulnerability-detection
SQL Injection Payload
SQL Injection Payload List
Stars: ✭ 62 (-80.19%)
Mutual labels: vulnerability, vulnerability-detection
mondoo
🕵️♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management
Stars: ✭ 60 (-80.83%)
Mutual labels: scanner, vulnerability
Vulners API v3 Python wrapper
Description
Python 2/3 library for the Vulners Database. It provides search, data retrieval, archive and vulnerability scanning API's for the integration purposes. With this library you can create powerful security tools and get access to the world largest security database.
Python version
Library was tested on a python2 and python3.
How to install
Package is available with PyPI
You can use pip for the installation
pip install -U vulners
Obtaining Vulners API key
Please, register at Vulners website. Go to the personal menu by clicking at your name at the right top corner. Follow "API KEYS" tab. Generate API key with scope "api" and use it with the library.
Functions and methods
All the callable methods are using Vulners REST API.
Search in database
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
heartbleed_related = vulners_api.search("heartbleed", limit=10)
Get information about document by identificator
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
CVE_2017_14174 = vulners_api.document("CVE-2017-14174")
Get information about multiple documents by identificators
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
CVE_DATA = vulners_api.documentList(["CVE-2017-14174", "CVE-2016-1175"])
Search for the public available exploits
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
wordpress_exploits = vulners_api.searchExploit("wordpress 4.7.0")
Get vulnerabilities and exploits by software name and version
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
results = vulners_api.softwareVulnerabilities("httpd", "1.3")
exploit_list = results.get('exploit')
vulnerabilities_list = [results.get(key) for key in results if key not in ['info', 'blog', 'bugbounty']]
Get vulnerabilities by CPE product and version string
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
cpe_results = vulners_api.cpeVulnerabilities("cpe:/a:cybozu:garoon:4.2.1")
cpe_exploit_list = cpe_results.get('exploit')
cpe_vulnerabilities_list = [cpe_results.get(key) for key in cpe_results if key not in ['info', 'blog', 'bugbounty']]
Get references for the vulnerability
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
references = vulners_api.references("CVE-2014-0160")
Get Windows KB superseeding and parentseeding information
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
# Superseeding information will be returned as dict
# with two fields: 'superseeds', 'parentseeds'.
# Superseeds means "what KB are covered by this KB".
# Parentseeds means "what KB are covering this KB".
superseeds = vulners_api.kbSuperseeds("KB4524135")
Get Windows KB updates list and download urls
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
microsoft_updates_for_kb = vulners_api.kbUpdates("KB4524135")
updates_download_links = [update.get('href') for update in microsoft_updates_for_kb]
Vulners AI
Score any vulnerability description usingimport vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
text_ai_score = vulners_api.aiScore("My cool vulnerability description")
Get possible query autocompletions
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
possible_autocomplete = vulners_api.autocomplete("heartbleed")
Download whole database collection and work with data locally
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
all_cve = vulners_api.archive("cve")
Audit Windows hosts for installed security KB
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
win_vulners = vulners_api.kbAudit(os="Windows Server 2012 R2", kb_list=["KB4072650", "KB2959936", "KB2894856", "KB2896496"])
need_2_install_kb = win_vulners['kbMissed']
affected_cve = win_vulners['cvelist']
Audit Linux hosts for vulnerabilities (RPM/DEB based)
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
# Example for CentOS 7
# You can use it for any RPM based OS
# Execute command: rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\\n'
# Use it as package variable input
centos_vulnerabilities = vulners_api.audit(os= 'centos', os_version= '7', package= ['glibc-common-2.17-157.el7_3.5.x86_64'])
vulnerable_packages = centos_vulnerabilities.get('packages')
missed_patches_ids = centos_vulnerabilities.get('vulnerabilities')
cve_list = centos_vulnerabilities.get('cvelist')
how_to_fix = centos_vulnerabilities.get('cumulativeFix')
# Example for Debian 8
# You can use it for any DEB based OS
# Execute command: dpkg-query -W -f='${Package} ${Version} ${Architecture}\\n'
# Use it as package variable input
debian_vulnerabilities = vulners_api.audit(os= 'debian', os_version= '8', package= ['uno-libs3 4.3.3-2+deb8u7 amd64'])
Download Linux (RPM/DEB based) vulnerability assessment data for local processing
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
# Example for CentOS 7
centos_vulnerabilities_data = vulners_api.distributive("CentOS", "7")
Download web application vulnerability detection regex collection
import vulners
vulners_api = vulners.Vulners()
rules = vulners_api.rules()
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].