An IP to vulnerability utility
Project description
ip2vulns
An IP to vulnerabilities utility. This tool is able to retrieve information related to given IP(s). This tool takes advantage of Shodan InternetDB API.
For CVE information, this tool retrieve CVE information from NIST NVD.
Disclaimer
By using this, you also agree to the term of use of the APIs used.
Installation
Using the following pip command to install: pip install ip2vulns
Usage
usage: ip2vulns [-h] [-inet INTERNETDB [INTERNETDB ...]] [-o OUT] [-s CVSS] [-d] [--downloaddb] [--ho] [-v]
IP 2 vulneribility tools
options:
-h, --help show this help message and exit
-inet INTERNETDB [INTERNETDB ...], --internetdb INTERNETDB [INTERNETDB ...]
Query information from https://internetdb.shodan.io/
support multiple ip and cidr, separate using space, e.g. -inet 8.8.8.8 51.83.59.99 192.168.0.0/24
if no database if specified, use ./databases/internetdb.db
-o OUT, --out OUT Define output file, default print to stdout
Available option: stdout (default), csv, json
Note: if -db flag is enabled, -out option will be disabled
-s CVSS, --cvss CVSS Enable cvss score filter, required a number
If 0 is given, targets found with no CVE information will be filtered out. And all CVEs will be checked.
When 0 is given, the process can be slow if huge amount of CVEs are founded. Not Recommend to pass 0 in.
-d, --database Write result to database, using SQLite3 database
if no -o flag is provide, write data to internetdb.db in the same directory
--downloaddb download CAPEC and CWE database, csv file, store in ./databases directory
--ho Output hostnames only for scan result.
This option DOES NOT apply to -d/--database option
-v, --version Print current version
Features
The scan operation will be splitted into several groups. Each group contains maximum 256 IPs.
Output to file
When no -o/--out
option is provided, results are printed to stdout.
When providing the -o/--out
option, results will be written to files.
Each group's result will be written to separated files. Group index (starting from 0) will be appened to file output filename.
If 512 IPs are going to be scanned. The results will be written to 2 files. If
-o test.csv
is given, then output files will be:
- test_0.csv
- test_1.csv
Local CVE Database
The project use a local CVE database in order to avoid querying duplicated CVE from NIST NVD.
The local database use TinyDB.
The local database will be stored in $HOME/.config/ip2vulns/cve_db.json
NOTE: This database is not related to
-d/--database
option.
Verbose SQL output
By setting environment variable DEBUG
to True to enable SQL verbose output
In fish shell, use command set -x DEBUG True
or in bash export DEBUG=True
.
NIST NVD Key (Optional, but recommend)
By setting environment variable NVD_KEY
for lower delay of NIST NVD api.
Request a key
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for ip2vulns-0.5.8.post5-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ade299303d4b7b63d1e24152a6062cbb8b92b427b55b07a4d42ae99398882ac7 |
|
MD5 | 43fab4c8166ae9e963e8092d455a3401 |
|
BLAKE2b-256 | 83c1a63a566a5069593fa419e760c53984f0b4119f4a31a35f92c86f919093f4 |