Skip to content

mattdicarlo/LibScanner

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
templates
templates
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
cli.py
cli.py
 
 
cve_lookup.py
cve_lookup.py
 
 
download_cves.sh
download_cves.sh
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Simple Vulnerability Scanner

A tool to compare a package list to the National Vulnerability Database's CVE list and report on vulnerabilities found.

Usage

Create a Python 3 virtual environment and install requirements.txt

Run ./download_cves.sh to fetch vulnerability data from the NVD. Downloaded files will be placed in a cves directory in the current working directory.

Run python3 ./cli.py installed-packages.txt cves/ out.html -f yocto.

  • installed-packages.txt is the package list output from our Yocto build
  • cves/ is the directory created above
  • out.html is the report that will be generated
  • -f yocto indicates that the package list is in the Yocto build history format
  • -t 3 [optional, default 3.0] sets the severity threshold for high vs. low priority in the report

The tool will compare the package list to the NVD data and print results to stdout. Output is an HTML report detailing the vulnerabilities found.

Origins

Originally sourced from DanBeard/LibScanner, brought up to Python 3, and reworked for functionality needed by Vorne.

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 78.4%
  • HTML 19.9%
  • Shell 1.7%