/Github-CVE-Listener

无需服务器的GitHub实时漏洞利用工具监听器,目前支持微信/TG推送,中文版(https://github.com/Kira-Pgr/Github-CVE-Listener/blob/main/README_ZH.md)

Primary LanguagePythonMIT LicenseMIT

Github-CVE-Listener

bulid actions

 _______   ________  _________  ___   ___  __  __   _______                                                   
/______/\ /_______/\/________/\/__/\ /__/\/_/\/_/\/_______/\                                                  
\::::__\/_\__.::._\/\__.::.__\/\::\ \\  \ \:\ \:\ \::: _  \ \                                                 
 \:\ /____/\ \::\ \    \::\ \   \::\/_\ .\ \:\ \:\ \::(_)  \/_                                                
  \:\\_  _\/ _\::\ \__  \::\ \   \:: ___::\ \:\ \:\ \::  _  \ \                                               
   \:\_\ \ \/__\::\__/\  \::\ \   \: \ \\::\ \:\_\:\ \::(_)  \ \                                              
    \_____\/\________\/   \__\/    \__\/ \::\/\_____\/\_______\/                                              
 ______  __   __  ______       __        ________  ______  _________  ______  ___   __   ______  ______       
/_____/\/_/\ /_/\/_____/\     /_/\      /_______/\/_____/\/________/\/_____/\/__/\ /__/\/_____/\/_____/\      
\:::__\/\:\ \\ \ \::::_\/_    \:\ \     \__.::._\/\::::_\/\__.::.__\/\::::_\/\::\_\\  \ \::::_\/\:::_ \ \     
 \:\ \  _\:\ \\ \ \:\/___/\    \:\ \       \::\ \  \:\/___/\ \::\ \   \:\/___/\:. `-\  \ \:\/___/\:(_) ) )_   
  \:\ \/_/\:\_/.:\ \::___\/_    \:\ \____  _\::\ \__\_::._\:\ \::\ \   \::___\/\:. _    \ \::___\/\: __ `\ \  
   \:\_\ \ \ ..::/ /\:\____/\    \:\/___/\/__\::\__/\ /____\:\ \::\ \   \:\____/\. \`-\  \ \:\____/\ \ `\ \ \ 
    \_____\/\___/_(  \_____\/     \_____\/\________\/ \_____\/  \__\/    \_____\/\__\/ \__\/\_____\/\_\/ \_\/ 

Get latest CVE EXP/POC from GitHub in WeChat!

Tips

  • The Program runs with Github Actions, no need to use your own server

  • Chinese Version

    Usage

  • preparations

    • GitHub

      • fork my repo
        Sign up or log into your GitHub account and click the "fork" button on the page
        Fork
        After that, a repo with the same name will show up in your account.
        Follow the steps below in your repository

      • Create a new GitHub Personal Access Token
        1)Go to the New Token Page
        2)Set note to GH_TOKEN , select "repo",set expiration to no expiration,click Generate token ,and remember to COPY AND SAVE your token

        Attention! Once you leave the page, you won't able to see your token any more!

        Fork

      • Create a new repository secret

        1. Go to Setting -> Secrets -> New repository secret,Create 6 secrets:GH_TOKEN SCKEY TOTAL_COUNT OPTION TG_CHAT_ID TG_TOKEN

          Don't create the secrets you don't need

        2. Update the values

          The value of OPTION: 1 for pushing to WeChat, 2 for using Telegram bot, 3 for using all of them
          The value of GH_TOKEN: Your GitHub Personal Access Token
          The value of TOTAL_COUNT: 0

          • If you want to sent message to WeChat
            The value of SCKEY: Your SendKey

            If you are using multiple SendKeys, please include them all in the value of the secret,separated by commas and without any line breaks or leading/trailing commas.

            For example:

            key1,key2,key3,...
            
          • If you want to sent message to Telegram
            The value of TG_CHAT_ID: Your ID or the group's ID
            The value of TG_TOKEN: The bot's token

        No spaces or line breaks is allowed at either the start or the end

        Secret

        • WeChat ”Server-Chan“
      • Log in

        Notice: If the QR Code doesn't load, try to open the image in a new tab image

      • Copy your SendKey for later use SendKey

        • Telegram Bot
      • Get Your ID

      • Get Your Token

  • Run the program

    • Go to the Action Tab,Click the green button(I understand my workflow...) in the middle image

    • After refreshing the page,you'll see a workflow called CVE-Monitor.

    • Select the CVE-Monitor workflow,You'll see a notice(this schedule was disabled......) image

    • Press enable workflow button

      (If you didn't experience the problem, just ignore what I've just said = = )

    • Click star twice to start the workflow

    • Go to Action tab -> CVE-Monitor workflow -> build -> Monitor CVE You'll see the logs of each workflow run, just check if there're any errors

    • Normally, you'll receive a message now

    • Last,if the program functioned correctly, secret TOTAL_COUNT should be updated

Other info

  • The workflow is currently configured to run every 10 minutes,if you want to change that,go to AutoRun.yml, be sure to read the GitHub Docs.

    Attention! Actions schedules run at most every 5 minutes.

  • Tip: GitHub will tell you the meaning of the schedule expression while you are changing it image

ref:
https://github.com/kiang70/Github-Monitor/
https://github.com/Hostage-02/AutoApi

Star History

Star History Chart