Ejemplo n.º 1
0
def main(argv):
    
    thisYear        = datetime.date.today().year
    yearlyVulns = []
    allVulns = []

    # Get CVE data from the previous 3 years
    #for year in range(thisYear-4, thisYear):
    #for year in range(thisYear-2, thisYear):
    for year in range(2014, 2017):
        print "*** Processing CVE data for " + str(year)

        # Get NVD data
        xmlfile = cfg.nvdCveXmlFileBase + str(year) + ".xml"
        #print "- Getting CVE data from the NVD site for year " + str(year)
        #vul.getCveDataFromNVD(xmlfile)
    
        # Process XML file
        print "- Processing XML file " + xmlfile
        yearlyVulns = vul.processNvdXML(xmlfile)
        allVulns.extend(yearlyVulns)
        
    # Update the local mysql database    
    print "- Updating local CVE database"
    vul.updateLocalCveDB(allVulns, cfg.dbArchiveTable)
    
    # Create cumulative CVE report in Excel (all CVEs created this year)
    reportFile="%s-%s CVE Archive.xlsx" %(str(thisYear-1), str(thisYear))
    print "- Saving the cumulative CVE list to Excel as %s" % (reportFile)
    vul.createSimpleCVEReport(str(thisYear-1) + " to " + str(thisYear), reportFile, cfg.dbArchiveTable)
Ejemplo n.º 2
0
def main(argv):

    # Get report timelines
    today = datetime.date.today()
    endDate = today.isoformat()
    startDate = (today - datetime.timedelta(days=cfg.ReportPeriod)).isoformat()
    reportYear = endDate.split('-')[0]
    reportMonth = endDate.split('-')[1]
    domain = "YOURCOMPANY"

    #Get latest NVD data
    #print "- Getting the latest CVE data from the NVD site"
    #vul.getCveDataFromNVD(cfg.nvdCveXmlFile)

    # Process XML file
    print "- Processing XML file"
    nvdVulns = vul.processNvdXML(cfg.nvdCveXmlFile)

    # Update the local mysql database
    print "- Updating local CVE database"
    vul.updateLocalCveDB(nvdVulns, cfg.dbMainTable)

    # Create CVEs-per-platform report in Excel
    print "- Getting per-platform CVE list from %s to %s" % (startDate,
                                                             endDate)
    assetList = cfg.assetList
    advisories = vul.getCVEsByAsset(assetList, startDate, endDate)
    reportFile1 = reportYear + "-" + reportMonth + " Vulnerability Alerts version 1.xlsx"
    print "- Saving the CVE-by-platform list to Excel as %s" % (reportFile1)
    vul.createCVEsByAssetReport(domain, advisories, reportYear, reportMonth,
                                reportFile1)

    # Create cumulative CVE report in Excel (all CVEs created this year)
    reportFile2 = "%s-%s Yearly Cumulative CVEs.xlsx" % (reportYear,
                                                         reportMonth)
    print "- Saving the cumulative CVE list to Excel as %s" % (reportFile2)
    vul.createSimpleCVEReport(reportYear, reportFile2, cfg.dbMainTable)

    print "- Emailing the advisory email with the Excel file attached"
    vul.emailReport(reportFile1, reportFile2)
Ejemplo n.º 3
0
def main(argv):

    # Get report timelines
    today = datetime.date.today()
    endDate = today.isoformat()
    startDate = (today - datetime.timedelta(days=cfg.ReportPeriod)).isoformat()
    reportYear = endDate.split("-")[0]
    reportMonth = endDate.split("-")[1]
    domain = "YOURCOMPANY"

    # Get latest NVD data
    # print "- Getting the latest CVE data from the NVD site"
    # vul.getCveDataFromNVD(cfg.nvdCveXmlFile)

    # Process XML file
    print "- Processing XML file"
    nvdVulns = vul.processNvdXML(cfg.nvdCveXmlFile)

    # Update the local mysql database
    print "- Updating local CVE database"
    vul.updateLocalCveDB(nvdVulns, cfg.dbMainTable)

    # Create CVEs-per-platform report in Excel
    print "- Getting per-platform CVE list from %s to %s" % (startDate, endDate)
    assetList = cfg.assetList
    advisories = vul.getCVEsByAsset(assetList, startDate, endDate)
    reportFile1 = reportYear + "-" + reportMonth + " Vulnerability Alerts version 1.xlsx"
    print "- Saving the CVE-by-platform list to Excel as %s" % (reportFile1)
    vul.createCVEsByAssetReport(domain, advisories, reportYear, reportMonth, reportFile1)

    # Create cumulative CVE report in Excel (all CVEs created this year)
    reportFile2 = "%s-%s Yearly Cumulative CVEs.xlsx" % (reportYear, reportMonth)
    print "- Saving the cumulative CVE list to Excel as %s" % (reportFile2)
    vul.createSimpleCVEReport(reportYear, reportFile2, cfg.dbMainTable)

    print "- Emailing the advisory email with the Excel file attached"
    vul.emailReport(reportFile1, reportFile2)