[![Build Status](https://api.travis-ci.com/facebookincubator/nvdtools.svg?branch=master)](https://travis-ci.com/facebookincubator/nvdtools)
# NVD Tools
A collection of tools for working with [National Vulnerability Database](https://nvd.nist.gov/) feeds.
The [HOWTO](HOWTO.md) provides a broader view on how to effectively use these tools.
---
* [Requirements](#requirements)
* [Installation](#installation)
* [Command line tools](#command-line-tools)
* [cpe2cve](#cpe2cve)
* [csv2cpe](#cpe2cve)
* [fireeye2nvd](#fireeye2nvd)
* [flexera2nvd](#flexera2nvd)
* [idefense2nvd](#idefense2nvd)
* [nvdsync](#nvdsync)
* [rpm2cpe](#rpm2cpe)
* [rustsec2nvd](#rustsec2nvd)
* [vfeed2nvd](#vfeed2nvd)
* [vulndb](#vulndb)
* [Libraries](#libraries)
* [cvss2](#cvss2)
* [cvss3](#cvss3)
* [wfn](#wfn)
* [License](#license)
---
## Requirements
* Go 1.13 or newer
## Installation
You need a properly setup Go environment.
#### Download NVD Tools:
```bash
go get github.com/facebookincubator/nvdtools/...
```
#### Install all included command line tools:
```bash
cd "$GOPATH"/src/github.com/facebookincubator/nvdtools/cmd
go install ./...
```
## Command line tools
### `cpe2cve`
*cpe2cve* is a command line tool for scanning an inventory of CPE names for vulnerabilities.
It expects a stream of lines of delimiter-separated fields, one of these fields being a delimiter-separated list of CPE names in the inventory.
Vulnerability feeds should be provided as arguments to the program in JSON format.
Output is a stream of delimiter-separated input value decorated with a vulnerability ID (CVE) and a delimiter-separated list of CPE names that match this vulnerability.
Unwanted input fields could be erased from the output with `-e` option.
Input and output delimiters can be configured with `-d`, `-d2`, `-o` an `-o2` options.
The column to which output the CVE and matches for that CVE can be configured with `-cve` and `-matches` options correspondingly.
#### Example 1: scan a software for vulnerabilities
```bash
echo "cpe:/a:gnu:glibc:2.28" | cpe2cve -cpe 1 -e 1 -cve 1 nvdcve-1.0-*.json.gz
CVE-2009-4881
CVE-2015-8985
CVE-2016-4429
CVE-2010-3192
CVE-2010-4756
```
#### Example 2: find vulnerabilities in software inventory per production host
```bash
./cpe2cve -d ' ' -d2 , -o ' ' -o2 , -cpe 2 -e 2 -matches 3 -cve 2 nvdcve-1.0-*.json.gz << EOF
host1.foo.bar cpe:/a:gnu:glibc:2.28,cpe:/a:gnu:zlib:1.2.8
host2.foo.bar cpe:/a:gnu:glibc:2.28,cpe:/a:haxx:curl:7.55.0
EOF
host1.foo.bar CVE-2009-4881 cpe:/a:gnu:glibc:2.28
host1.foo.bar CVE-2016-4429 cpe:/a:gnu:glibc:2.28
host2.foo.bar CVE-2014-5119 cpe:/a:gnu:glibc:2.28
host2.foo.bar CVE-2016-4429 cpe:/a:gnu:glibc:2.28
host2.foo.bar CVE-2018-1000120 cpe:/a:haxx:curl:7.55.0
host2.foo.bar CVE-2018-1000122 cpe:/a:haxx:curl:7.55.0
host2.foo.bar CVE-2010-4756 cpe:/a:gnu:glibc:2.28
host2.foo.bar CVE-2017-8817 cpe:/a:haxx:curl:7.55.0
```
### `csv2cpe`
*csv2cpe* is a tool that generates an URI-bound CPE from CSV input, flags configure the meaning of each input field:
* `-cpe_part` -- identifies the class of a product: h for hardware, a for application and o for OS
* `-cpe_vendor` -- identifies the person or organisation that manufactured or created the product
* `-cpe_product` -- describes or identifies the most common and recognisable title or name of the product
* `-cpe_version` -- vendor-specific alphanumeric strings characterising the particular release version of the product
* `-cpe_update` -- vendor-specific alphanumeric strings characterising the particular update, service pack, or point release of the product
* `-cpe_edition` -- capture edition-related terms applied by the vendor to the product; this attribute is considered deprecated in CPE specification version 2.3 and it should be assigned the logical value ANY except where required for backward compatibility with version 2.2 of the CPE specification.
* `-cpe_swedition` -- characterises how the product is tailored to a particular market or class of end users
* `-cpe_targetsw` -- characterises the software computing environment within which the product operates
* `-cpe_targethw` -- characterises the software computing environment within which the product operates
* `-cpe_language` -- defines the language supported in the user interface of the product being described; must be valid language tags as defined by [RFC5646]
* `-cpe_other` -- any other general descriptive or identifying information which is vendor- or product-specific and which does not logically fit in any other attribute value
Omitted parts of the CPE name defaults to logical value ANY, as per [specification](https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf)
Optional flag `-lower` brings the strings to lower case.
#### Example: generate URI-bound CPE name out of comma-separated list of attributes
```bash
$ echo 'a,Microsoft,Internet Explorer,8.1,SP1,-,*' | csv2cpe -x -lower -cpe_part=1 -cpe_vendor=2 -cpe_product=3 -cpe_version=4 -cpe_update=5 -cpe_edition=6 -cpe_language=7
cpe:/a:microsoft:internet_explorer:8.1:sp1:-
```
### `fireeye2nvd`
*fireeye2nvd* downloads the vulnerability data from [FireEye](https://www.fireeye.com/) and converts it into NVD format. The resulting file can be used as a feed in [`cpe2cve`](#cpe2cve) processor
### `flexera2nvd`
*flexera2nvd* downloads the vulnerability data from [Flexera](https://www.flexera.com/) and converts it into NVD format. The resulting file can be used as a feed in [`cpe2cve`](#cpe2cve) processor
### `idefense2nvd`
*idefense2nvd* downloads the vulnerability data from Idefense and converts it into NVD format. The resulting file can be used as a feed in [`cpe2cve`](#cpe2cve) processor
### `nvdsync`
*nvdsync* synchronizes NVD data feeds to local directory; it checks the hashes of the files against the ones provided by NVD and only updates the changed files.
### `rpm2cpe`
*rpm2cpe* takes a delimiter-separated input with one of the fields containing RPM package name and produces delimiter-separated output consisting of the same fields plus CPE name parsed from RPM package name.
#### Example: generate URI-bound CPE name out of RPM package filename
```bash
echo openoffice-eu-writer-4.1.5-9789.i586.rpm | rpm2cpe -rpm=1 -cpe=2 -e=1
cpe:/a::openoffice-eu-writer:4.1.5:9789:~~~~i586~
```
### `rustsec2nvd`
*rustsec2nvd* converts the vulnerabilities from the [Rustsec Advisory-DB](https://github.com/RustSec/advisory-db) into NVD format. The resulting file can be used as a feed in [`cpe2cve`](#cpe2cve) processor
### `snyk2nvd`
*snyk2nvd* downloads the vulnerability data from [Snyk](https://snyk.io/) and converts it into NVD format. The resulting file can be used as a feed in [`cpe2cve`](#cpe2cve) processor
### `vfeed2nvd`
*vfeed2nvd* converts the vulnerability data from [vFeed](https://vfeed.io/) into NVD format. The resulting file can be used as a feed in [`cpe2cve`](#cpe2cve) processor
### `vulndb`
*vulndb* is a command line tool to manage NVD-like vulnerability databases, backed by MySQL.
Supports NVD CVE JSON 1.0 feeds. Data is versioned, organized by provider names and grouped by vendor, custom, and snoozes datasets:
* Vendor dataset: read-only CVE feeds we continuously import.
* Custom dataset: allows to overwrite CVEs from vendor data with custom data during exports
* Snooze dataset: user-defined CVE and metadata with deadline, used for remediation automation
See `vulndb help` for details.
## Libraries
### cvss2
Implementation of [CVSS v2 specification](https://www.first.org/cvss/v2/guide) which provides functions for serializing and deserializing vectors as well as score calculation.
### cvss3
Implementation of [CVSS v3 specification](https://www.first.org/cvss/specification-document) which provides functions for serializing and deserializing vectors as well as score calculation.
## License
nvdtools licensed under Apache License, Version 2.0, as found in the [LICENSE](LICENSE) file.
没有合适的资源?快使用搜索试试~ 我知道了~
nvdtools:一组用于处理国家漏洞数据库(NVD)分发的提要(漏洞,CPE词典等)的工具。
共235个文件
go:196个
md:14个
json:11个
需积分: 50 8 下载量 184 浏览量
2021-02-05
16:33:57
上传
评论
收藏 347KB ZIP 举报
温馨提示
NVD工具 用于处理源的工具的集合。 为如何有效使用这些工具提供了更广阔的视野。 要求 转到1.13或更高版本 安装 您需要正确设置Go环境。 下载NVD工具: go get github.com/facebookincubator/nvdtools/... 安装所有随附的命令行工具: cd " $GOPATH " /src/github.com/facebookincubator/nvdtools/cmd go install ./... 命令行工具 cpe2cve cpe2cve是一个命令行工具,用于扫描CPE名称清单中的漏洞。 它需要一行由定界符分隔的字段,这些字段之一是清单中
资源详情
资源评论
资源推荐
收起资源包目录
nvdtools:一组用于处理国家漏洞数据库(NVD)分发的提要(漏洞,CPE词典等)的工具。 (235个子文件)
changelog 144B
compat 2B
control 450B
README.Debian 131B
.gitignore 7B
cve.go 15KB
vendor.go 14KB
environmental_metrics.go 13KB
cpe2cve_test.go 12KB
matching.go 12KB
schema.go 12KB
schema.go 12KB
providers.go 9KB
package_feed_test.go 9KB
cvecache.go 9KB
uri.go 8KB
csv2cpe.go 8KB
cpe2cve.go 8KB
rustsec.go 8KB
matching_json_test.go 8KB
diff.go 7KB
environmental_metrics.go 7KB
stmt.go 7KB
rustsec_test.go 7KB
score_test.go 6KB
score.go 6KB
stats.go 6KB
vector.go 6KB
config.go 6KB
lookup_test.go 6KB
custom.go 6KB
schema.go 6KB
schema.go 6KB
base_metrics.go 6KB
convert.go 6KB
cpe.go 6KB
compare.go 6KB
client.go 5KB
convert.go 5KB
integration_test.go 5KB
convert.go 5KB
vector_test.go 5KB
cpedict_test.go 5KB
options.go 5KB
export.go 5KB
rpm2cpe.go 5KB
matching_test.go 5KB
stats_test.go 5KB
base_metrics.go 5KB
record.go 5KB
vector.go 5KB
wfn.go 5KB
report.go 5KB
advisory_details.go 5KB
eviction_test.go 5KB
main.go 5KB
snooze.go 4KB
cve.go 4KB
vendorcmd.go 4KB
schema.go 4KB
wfnconvert.go 4KB
convert.go 4KB
cpedict.go 4KB
convert.go 4KB
score_test.go 4KB
fsb.go 4KB
schema.go 4KB
flags.go 4KB
customcmd.go 4KB
versionrange.go 4KB
match_cve.go 4KB
match_cpe.go 4KB
stmt_test.go 4KB
client.go 4KB
stats.go 4KB
score.go 4KB
snoozecmd.go 4KB
convertutils.go 4KB
check_cve_test.go 4KB
client.go 4KB
matcher.go 4KB
check_pkg_test.go 4KB
convert.go 4KB
client.go 4KB
client.go 4KB
editcmd.go 4KB
uri_test.go 3KB
fieldstoskip.go 3KB
retry.go 3KB
fsb_test.go 3KB
csv2cpe_test.go 3KB
summary.go 3KB
lookup.go 3KB
cve_test.go 3KB
diffcmd.go 3KB
versionrange_test.go 3KB
check_cve.go 3KB
debug.go 3KB
matching_overrides_test.go 3KB
snyk2nvd.go 3KB
共 235 条
- 1
- 2
- 3
KawaiiLabsSol
- 粉丝: 31
- 资源: 4712
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0