Python library and command-line utility for Vulners (https://vulners.com)
Project description
Vulners API v3 Python wrapper
Description
Python 2/3 library for the Vulners Database. It provides search, data retrieval, archive and vulnerability scanning API's for the integration purposes. With this library you can create powerful security tools and get access to the world largest security database.
Python version
Library was tested on a python2 and python3.
How to install
Package is available with PyPI
You can use pip for the installation
pip install -U vulners
Obtaining Vulners API key
Please, register at Vulners website. Go to the personal menu by clicking at your name at the right top corner. Follow "API KEYS" tab. Generate API key with scope "api" and use it with the library.
Functions and methods
All the callable methods are using Vulners REST API.
Search in database
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
heartbleed_related = vulners_api.search("heartbleed", limit=10)
Get information about document by identificator
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
CVE_2017_14174 = vulners_api.document("CVE-2017-14174")
Search for the public available exploits
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
wordpress_exploits = vulners_api.searchExploit("wordpress 4.7.0")
Get vulnerabilities and exploits by software name and version
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
results = vulners_api.softwareVulnerabilities("httpd", "1.3")
exploit_list = results.get('exploit')
vulnerabilities_list = [results.get(key) for key in results if key not in ['info', 'blog', 'bugbounty']]
Get vulnerabilities by CPE product and version string
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
cpe_results = vulners_api.cpeVulnerabilities("cpe:/a:cybozu:garoon:4.2.1")
cpe_exploit_list = cpe_results.get('exploit')
cpe_vulnerabilities_list = [cpe_results.get(key) for key in cpe_results if key not in ['info', 'blog', 'bugbounty']]
Get references for the vulnerability
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
references = vulners_api.references("CVE-2014-0160")
Score any vulnerability description using Vulners AI
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
text_ai_score = vulners_api.aiScore("My cool vulnerability description")
Download whole database collection and work with data locally
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
all_cve = vulners_api.archive("cve")
Audit Linux hosts for vulnerabilities (RPM/DEB based)
import vulners
vulners_api = vulners.Vulners(api_key="YOUR_API_KEY_HERE")
# Example for CentOS 7
# You can use it for any RPM based OS
# Execute command: rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\\n'
# Use it as package variable input
centos_vulnerabilities = vulners_api.audit(os= 'centos', os_version= '7', package= ['glibc-common-2.17-157.el7_3.5.x86_64'])
vulnerable_packages = centos_vulnerabilities.get('packages')
missed_patches_ids = centos_vulnerabilities.get('vulnerabilities')
cve_list = centos_vulnerabilities.get('cvelist')
how_to_fix = centos_vulnerabilities.get('cumulativeFix')
# Example for Debian 8
# You can use it for any DEB based OS
# Execute command: dpkg-query -W -f='${Package} ${Version} ${Architecture}\\n'
# Use it as package variable input
debian_vulnerabilities = vulners_api.audit(os= 'debian', os_version= '8', package= ['uno-libs3 4.3.3-2+deb8u7 amd64'])
Download web application vulnerability detection regex collection
import vulners
vulners_api = vulners.Vulners()
rules = vulners_api.rules()
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
