Published on August 11th, 2015 | by NJ Ouchn0
vFeed Correlated Vulnerability Database API major update 0.6 released
vFeed Framework is a CVE, CWE and OVAL Compatible naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML/JSON schema.
It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other standards and security references.
The associated vFeed.db (The Correlated Vulnerability and Threat Database) is a detective and preventive security information repository used for gathering vulnerability and mitigation data from scattered internet sources into an unified database.
- Reviewed and re-wrote the code to be as much as possible PEP8 compliant
- Update the vFeed License. It is very important to read it.
- Introduced a new simple vFeed menu with the following options:
- –method: Digs into the database and enumerate information related to CVE. See (–list)
- –list: Lists the available –method functions. You can refer to the wiki documentation for more information
- –export : Exports metadata to either JSON or XML formats
- –stats : Displays the vFeed.db statistics
- –search: Simple vFeed search utility. It supports CVE, CPE, CWE, OVAL and free text
- –update: To update the vFeed.db Correlated Vulnerability Database.
- –banner: Displays vFeed banners. Dont ask me. It is useless 🙂
- Refactored the main vFeed class
api.pyinto small dedicated classes:
info.py: Used to render information about CVE alongside other open standards (CWE, CPE, CAPEC).
ref.py: Can be leveraged to get information about references and cross-linked sources (IAVM, SCIP..)
risk.py: Used to display the CVSS v2 and severity.
patches.py: Mostly used to enumerate hotfixes from 3rd party vendors such as Microsoft, Redhat, Suse etc
scanners.py: Leveraged to list information about scanners scripts related to CVEs such as Nessus, OpenVAS ..
exploit.py: Used to list information about exploits PoC related to CVEs such as Metasploit, Exploit-DB ..
rules.py: Can be leveraged to display the IDS/IPS rules to prevent from the attack such as Snort or Suricata
json_dump.py: This class will generate a detailed CVE JSON output.
- vFeed now returns JSON responses. It will be much easier to integrate with 3rd party utilities and software.
- Added the support of CWE, OVAL and free text to
- Added URL links to the references (CVE, CWE, CAPEC, 3rd party references ..)
- Changed name of
- Exported JSON/XML files are moved to export repository.
api_calls.pyAPI calls sample to demonstrate how easy to use vFeed from within your code.
- Deprecated the value of “PCI Compliance” from
risk.pyclass. This will be supported later.
- Deprecated the method
get_milw0rmas the source does not longer exist
- Todo : The XML export will be added later.
- The documentation updated. Visit Documentation Page