cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com
Project description
cvet
cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com.
Find out more information at our blog.
Installation
cvet can be installed from PyPi using the following command:
pipx install cvet
If this tool is not yet availible via PyPi, you can install it directly from the repository using:
git clone https://github.com/Sprocket-Security/cvetrends.git
cd cvetrends && pip3 install .
For development, clone the repository and install it locally using poetry.
git clone https://github.com/Sprocket-Security/cvetrends.git && cd cvetrends
poetry shell
poetry install
Usage
The cvet help menu is shown below:
Usage: cvet [OPTIONS] [[day|week]]
cvetrends.com CLI
╭─ Arguments ───────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ TIME_FRAME [[day|week]] │
╰───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
╭─ Options ─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ --notify -n TEXT Slack webhook to notify on run │
│ --repo-threshold -rt INTEGER Number of repos needed to show CVE. [default: 1] │
│ --help -h Show this message and exit. │
╰───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
cvet can query time frames of 24 hours or 7 days using a value of day or week. The default is day.
cvet week
Results are returned in a pretty table format and only vulnerabilities that have more than -rt PoC GitHub repos published are shown. The default is 1.
cvet day -rt 2
cvet also allows you to specify a Slack webhook to notify on run using the -n or --notify flag. This is useful if you want to be notified of new vulnerabilities and run this tool on a cron.
cvet -n https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX -rt 2
An example Slack notification is shown below:
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cvetrends-0.0.1.tar.gz.
File metadata
- Download URL: cvetrends-0.0.1.tar.gz
- Upload date:
- Size: 5.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.9.13 Darwin/21.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0bd113790e17ec8da6c29e1493666db64d899890a7d9a089e09677958eea2237
|
|
| MD5 |
4f73c1b35eba1f8c4173138155458cf7
|
|
| BLAKE2b-256 |
807028f51d60e3da8b7c5336b1bc1bd85289180cbef36688d70dd70eb7630bd6
|
File details
Details for the file cvetrends-0.0.1-py3-none-any.whl.
File metadata
- Download URL: cvetrends-0.0.1-py3-none-any.whl
- Upload date:
- Size: 7.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.9.13 Darwin/21.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ae7b21d18e8c79346a879a2f4e3b8662b9a7ea51a77ab5348fdd526c65345bb3
|
|
| MD5 |
f95a741c7d5839fee8430d4005de77b4
|
|
| BLAKE2b-256 |
d021485c024e7072a9aa59a79a8201c5d716357cdb2afac8ffc22816534b3b8d
|
