def main():
    # Printing the banner.
    print(config.get_banner())

    api_key = config.token
    if api_key:
        api = AttackerKB(api_key)

    # Retrieving needed config.
    sortTypesConfig = config.get("sort")
    sortTypes = sortTypesConfig["tags"] + sortTypesConfig["score"]
    sortTypesDesc = sortTypesConfig["description"]

    # Parsing args.
    parser = argparse.ArgumentParser(description='Search through AttackerKB via command line!')
    
    ## Making groups.
    group_search = parser.add_argument_group("Search arguments", "Query using keywords, CVEs or usernames.")
    group_filter = parser.add_argument_group("Filter arguments", "Sort and filter your query's results using tags and scores.")

    mg_search = group_search.add_mutually_exclusive_group()
    mg_filter = group_filter.add_mutually_exclusive_group()

    ## Searching arguments.
    mg_search.add_argument("-q", "--query", dest="query", metavar="KEYWORDS", help="Search for a topic using keywords")
    mg_search.add_argument("-cve", "--cve", dest="cve", metavar="CVE-YEAR-XXXX", help="Search for a CVE using its code")
    mg_search.add_argument("-u", "--username", dest="user", metavar="USERNAME", help="Search for a user")
    
    ## Filtering args.
    mg_filter.add_argument("-s", "--sort", choices=sortTypes, metavar="VALUE", dest="sort", help="Let you sort topics using a specified field ascendingly")
    mg_filter.add_argument("-r", "--rev-sort", choices=sortTypes, metavar="VALUE", dest="rsort", help="Let you sort topics using a specified field descendingly")

    parser.add_argument("-l", "--list", action='store_true',  help="Display every sorting and filter values.")


    args = parser.parse_args()

    current_data = None

    # Handles the sorting options.
    doSort = False
    sortAsc = True
    sortTag = None

    if args.sort:
        doSort = True
        sortTag = args.sort
    if args.rsort:
        doSort = True
        sortAsc = False
        sortTag = args.rsort

    # Calls fitting module.
    ## Listing
    if args.list == True:
        print("Tags allow you to both filter and sort. \nHere is the list of every tags:\n" + print_tags(sortTypesConfig["tags"], sortTypesDesc))
        print("\nHere are values that only supports sorting:\n" + print_tags(sortTypesConfig["score"], sortTypesDesc))
        exit(0)

    ## Queries
    elif args.query:
        if doSort:
            sort_filter = '{0}:{1}'.format(sortTag, 'asc' if sortAsc else 'desc')
            current_data = api.get_topics(sort=sort_filter, q=args.query)
            
        else:
            current_data = api.get_topics(q=args.query)

        if hasResult(current_data):
            l = 5

            if len(current_data) < 5:
                l = len(current_data)
                
            for i in range(l,0,-1):
                print_topic_short(current_data, i=i-1)
                print("--- ("+ str(i) +") for more details -- (else) to leave")
            
            # int() doesn't like empty strings, so if sanitize returns an empty string;
            # answer will be -1 which will cause the program to exit.
            try:
                answer = int(sanitize(input()))
            except:
                answer = -1

            if answer >= 1 and answer <= l:
                clear()
                print_topic_long(current_data, i=answer-1)

    ## CVE
    elif args.cve:
        if doSort:
            sort_filter = '{0}:{1}'.format(sortTag, 'asc' if sortAsc else 'desc')
            current_data = api.get_topics(sort=sort_filter, name=args.cve)
        else:
            current_data = api.get_topics(name=args.cve)

        if hasResult(current_data):
            print_topic_short(current_data, cve=args.cve)
            print("--- (+) for more details -- (else) to leave")

            answer = input()

            if sanitize(answer) == "+":
                clear()
                print_topic_long(current_data, cve=args.cve)

    ## Users
    elif args.user:
        current_data = api.get_single_contributor(args.user)
        #current_data = get_from_username(args.user)

        if hasResult(current_data):
            print_contributor(current_data)

    ## Nothing, print help message.
    else:
        print("No argument found. Try using -h to get help.")
Beispiel #2
0
def test_api_fail():
    with pytest.raises(ApiError):
        api = AttackerKB(api_key="")
Beispiel #3
0
def test_api():
    api = AttackerKB(api_key=API_KEY)
Beispiel #4
0
import os
from attackerkb_api import AttackerKB, ApiError

API_KEY = os.environ.get("API_KEY")


def test_api_fail():
    with pytest.raises(ApiError):
        api = AttackerKB(api_key="")


def test_api():
    api = AttackerKB(api_key=API_KEY)


api = AttackerKB(api_key=API_KEY)


def test_single_topic():
    result = api.get_single_topic('6685ce4d-9523-4078-92d3-f08418c9770a')
    assert result['id'] == '6685ce4d-9523-4078-92d3-f08418c9770a'


def test_search_topic():
    result = api.get_topics(name="CVE-2020-10560")
    assert result[0]['id'] == "6f81bc44-c000-427d-b222-b64c29bda621"


def test_search_topic_params():
    result = api.get_assessments(
        topicId='131226a6-a1e9-48a1-a5d0-ac94baf8dfd2',
Beispiel #5
0
# Tokens and api keys.
token_file = "token.txt"
api_key_file = "api.txt"

token = open(token_file).readline()
api_key = open(api_key_file).readline()

# Setting up the bot and prefix.
prefix = "!akb "
bot = commands.Bot(command_prefix=prefix)

# Loads the bot's activity status.
status = prefix + "help"

# AKB api.
api = AttackerKB(api_key)


# Logging the starting of the bot into the console.
@bot.event
async def on_ready():
    # Sets activity message.
    await bot.change_presence(activity=discord.Game(status))

    # Removes default help command.
    print("\nLogged in as {0.user}".format(bot) + "\n")


# Commands.
## Ping command.
@bot.command(description="Ping the bot.")
Beispiel #6
0
#!/usr/bin/python3
import requests
from flask import Flask
from flask import jsonify, request
from attackerkb_api import AttackerKB
from secrets import SLACK_TOKENS, ATTACKERKB_API, PRIVATE

application = Flask(__name__)

api = AttackerKB(ATTACKERKB_API)


@application.route("/")
def home():
    return "This is a slack APP Your in the wrong place"


@application.route("/assessment", methods=["POST"])
def assesment_cve():
    request_token = request.form.get('token')

    print(request_token)

    if PRIVATE:
        if request_token not in SLACK_TOKENS:
            return "Not a valid Token"

    cve_id = request.form.get("text")
    topic_details = api.get_topics(name=cve_id)

    # Check for a valid CVE