def test_cve_announcements():
"""Tests for method cve_announcements()"""
client = CBWApi(API_URL, API_KEY, SECRET_KEY)
params = {'page': '1'}
with vcr.use_cassette(
'spec/fixtures/vcr_cassettes/cve_announcements.yaml'):
response = client.cve_announcements(params)
for cve in response:
assert isinstance(cve, CBWCve) is True
def test_cve_announcements():
"""Tests for method cve_announcements()"""
client = CBWApi(API_URL, API_KEY, SECRET_KEY)
params = {'page': '1'}
with vcr.use_cassette(
'spec/fixtures/vcr_cassettes/cve_announcements.yaml'):
response = client.cve_announcements(params)
assert response[0].cve_code == 'CVE-2012-1182'
def retrieve_api_informations():
"""Returns a report on vulnerabilities from Cyberwatch's API"""
client = CBWApi(CONF.get('cyberwatch', 'url'), CONF.get('cyberwatch', 'api_key'),\
CONF.get('cyberwatch', 'secret_key'))
client.ping()
all_cves_filter = {"active": "true"}
all_cves = client.cve_announcements(all_cves_filter)
critical_with_exploit_filter = {
"exploit_code_maturity": ["proof_of_concept"],
"active": "true",
"level": "level_critical"
}
critical_cves = client.cve_announcements(critical_with_exploit_filter)
high_with_exploit_filter = {
"exploit_code_maturity": ["high"],
"active": "true",
"level": "level_high"
}
high_cves = client.cve_announcements(high_with_exploit_filter)
mail_content = """
Bonjour,
Cyberwatch a détecté {} vulnérabilités dont :
- {} vulnérabilités critiques (score ≥ 9) avec exploit public \
(Voir {}/cve_announcements?severity[]=level_critical&present=true&exploit_code_maturity[]=high\
&exploit_code_maturity[]=functional&exploit_code_maturity[]=proof_of_concept&sort_by=published&order=asc)
- {} vulnérabilités élevées (9 > score ≥ 7) avec exploit public \
(Voir {}/cve_announcements?severity[]=level_high&present=true&exploit_code_maturity[]=high\
&exploit_code_maturity[]=functional&exploit_code_maturity[]=proof_of_concept&sort_by=published&order=asc)."""\
.format(len(all_cves), len(critical_cves), CONF.get('cyberwatch', 'url'), \
len(high_cves), CONF.get('cyberwatch', 'url'))
return mail_content
'Target version': targets_version.strip()
})
return csv_lines
def to_csv(csv_lines, name_csv='just_generated.csv', path=""):
"""Write objects in csv_lines into a csv file"""
with open(os.path.join(path, name_csv), 'w', newline='') as csvfile:
spamwriter = csv.writer(csvfile,
delimiter=' ',
quotechar='|',
quoting=csv.QUOTE_MINIMAL)
spamwriter.writerow(['"sep=,"'])
fieldnames = csv_lines[0].keys()
writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
writer.writeheader()
for line in csv_lines:
writer.writerow(line)
# Fetch active CVE if an exploit is available
logging.info('Fetching active CVE')
cve_list = CLIENT.cve_announcements({"exploitable": "true", "active": "true"})
# Formating lines for the csv
logging.info('Formating lines for the csv file')
csv_lines_list = to_csv_lines(cve_list)
# Exporting csv file
to_csv(csv_lines_list, path="")
"""GET request to /api/v3/cve_announcements to get a list of cve announcements"""
import os
from configparser import ConfigParser
from cbw_api_toolbox.cbw_api import CBWApi
CONF = ConfigParser()
CONF.read(
os.path.join(os.path.abspath(os.path.dirname(__file__)), '..', 'api.conf'))
CLIENT = CBWApi(CONF.get('cyberwatch', 'url'),
CONF.get('cyberwatch', 'api_key'),
CONF.get('cyberwatch', 'secret_key'))
PARAMS = {'technology_product': 'php'}
CLIENT.cve_announcements(PARAMS)
