CVE-SEARCH-NVD

This is a powerful, easy-to-use, and flexible Command Line Interface (CLI) tool for searching vulnerabilities by CVE ID or keywords using the NVD API. The application interacts with the National Vulnerability Database (NVD) and uses the nvdlib Python package to fetch data related to CVEs (Common Vulnerabilities and Exposures). The tool allows users to:

  • Fetch specific vulnerability details by CVE ID.
  • Search vulnerabilities by keywords.
  • Display the severity, score, description, and vector for each result.

Features

  • Search by CVE ID: Fetch data on specific vulnerabilities using their CVE ID (e.g., CVE-2021-26855).
  • Search by Keywords: Perform keyword-based searches (e.g., heartbleed) to retrieve related CVEs.
  • Detailed Information: Displays the CVSS score, severity, description, and attack vector in a user-friendly format.

Prerequisites

Before using the CVE Search CLI, ensure you have the following:

  • Python 3.8+: The script is written in Python and requires a Python environment.
  • NVD API Key: The NVD API is rate-limited. You can register for an API key to avoid delays.

Installation

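  1. Clone the repository:
    git clone https://github.com/yourusername/cve-search-cli.git
    cd cve-search-cli

  2. Create and activate a virtual environment:
    python -m venv venv
    source venv/bin/activate  # On Windows use `venv\Scripts\activate`

  3. Install the dependencies:
    pip install -r req.txt

  4. Set your NVD API key:
    export NVD_API_KEY=your_api_key_here

  5. Search by CVE ID:
    python cve_searcher.py --cve CVE-2021-26855 --api-key your_api_key_here

  6. Deactivate the virtual environment when you are done:
    deactivate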

Example output

    2024-09-09 05:34:49,928 - INFO - Searching for CVE: CVE-2021-26855

    CVE Found: Microsoft Exchange Server Remote Code Execution Vulnerability
    Severity: CRITICAL - Score: 9.8
    Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Search by Keyword

You can also search for vulnerabilities using keywords. This returns a list of CVEs that match the keyword.

    python cve_searcher.py --keyword heartbleed --api-key your_api_key_here

Example output

    2024-09-09 05:42:19,496 - INFO - Searching for keyword: heartbleed

    Found 1 CVEs for your keyword search:

    CVE ID: CVE-2014-0160
    Severity: HIGH - Score: 7.5
    Description: The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
    Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Author

Amine (GitHub: mrhili)
