Implement vulnerabilities scanning on top of package management system like apt, pip, composer...

These details have not been verified by PyPI

Project links

Homepage

Project description

Scabi

Implement vulnerabilities scanning on top of package management system like apt, pip, composer...

Install

You can install scabi either via pip (PyPI) or from source. To install using pip:

python3 -m pip install scabi

Or manually:

git clone https://github.com/remiflavien1/scabi
cd scabi
python3 setup.py install

CLI

Scabi

Usage:
  scabi <pms> <package> [--verbose --detail ] [--oss  --mitre] [-s FILE]
  scabi -h --help --version

Options:
  -v --verbose      Show full output.
  -d --detail       Show CVE details.
  -o --oss          Search vulnerabilities only through OSS.
  -m --mitre        Search vulnerabilities only through MITRE.
  -s --save FILE    Save output to file.
  -h --help         Show this screen.

Example of output for the python module django:

$ scabi -v pip django

The dependencies for <django> are :
... pytz
... sqlparse
... asgiref
... argon2-cffi
... bcrypt

>>>>>>>>>>>>>>> SEARCH IN OSS INDEX <<<<<<<<<<<<<<<
NO VULNERABILITIES FOUND

>>>>>>>>>>>>>>> SEARCH IN MITRE DATABASE <<<<<<<<<<<<<<<

-------------- Package: <bcrypt> --------------

CVE : CVE-2020-5229
CVE DETAIL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5229
DESCRIPTION Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. ...

CVE : CVE-2019-13421
CVE DETAIL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13421
DESCRIPTION Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database.
...

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

This version

1.0.1

Apr 19, 2020

1.0.0

Apr 18, 2020

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

scabi-1.0.1.tar.gz (5.0 kB view details)

Uploaded Apr 19, 2020 Source

Built Distribution

scabi-1.0.1-py3-none-any.whl (6.1 kB view details)

Uploaded Apr 19, 2020 Python 3

File details

Details for the file scabi-1.0.1.tar.gz.

File metadata

Download URL: scabi-1.0.1.tar.gz
Upload date: Apr 19, 2020
Size: 5.0 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/46.1.3 requests-toolbelt/0.9.1 tqdm/4.45.0 CPython/3.6.9

File hashes

Hashes for scabi-1.0.1.tar.gz
Algorithm	Hash digest
SHA256	`75007a828d537a059ad3bea954e9402062376094aa0557486042b2c7623b1c16`
MD5	`f5aba024ff215bc767f5a7a6a571585d`
BLAKE2b-256	`e2e2414a093daccd269ade813c10d65b159e7660ea19527d38f6bdf6d5aa578c`

See more details on using hashes here.

File details

Details for the file scabi-1.0.1-py3-none-any.whl.

File metadata

Download URL: scabi-1.0.1-py3-none-any.whl
Upload date: Apr 19, 2020
Size: 6.1 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/46.1.3 requests-toolbelt/0.9.1 tqdm/4.45.0 CPython/3.6.9

File hashes

Hashes for scabi-1.0.1-py3-none-any.whl
Algorithm	Hash digest
SHA256	`b44575b8ff99fc18e8da0bb49aa15292e6324dc3f5ac0033f30bbf06b493030a`
MD5	`6a3a2cfde61748d9757b5f8d65bfa2f7`
BLAKE2b-256	`680c314b448522dbe9233aac743303bc3dfceb5ff841b8a07551019228af4545`