コード例 #1
def create_profile(month, year, patch_tuesday_date, comments_links, file_name):
    """Build and save the profile (JSON file) for one Microsoft Patch Tuesday.

    Args:
        month: Month name as text, e.g. "October".
        year: Year as text, e.g. "2020".
        patch_tuesday_date: Release date as text, e.g. "10/13/2020". It is
            used as both ends of the MS CVE date range.
        comments_links: Mapping from vendor name ("Qualys", "Tenable",
            "Rapid7", "ZDI") to a link dict such as
            {'title': '...', 'url': 'https://...'}. A vendor present here is
            not searched for; a falsy value skips that vendor entirely.
        file_name: Profile file name, appended to "data/profiles/".

    NOTE(review): file_name is concatenated into the path without any
    normalisation, so a value containing path separators or ".." resolves
    outside data/profiles/. Callers should pass a bare file name.

    NOTE(review): every URL, whether supplied by the caller or returned by a
    search, is handed to the fetch helpers as-is. Whether those helpers
    restrict the host to the expected vendor site is not visible here -
    confirm. The fetched text is third-party content, stored verbatim in the
    profile and echoed to the debug log, so treat it as untrusted when the
    report is rendered.
    """
    log = functions_tools.print_debug_message
    sites = functions_source_analytic_sites

    log("Year: " + year)
    log("Month: " + month)
    log("Date: " + patch_tuesday_date)
    cve_ids = functions_source_ms_cve.get_ms_cves_for_date_range(
        patch_tuesday_date, patch_tuesday_date)
    log("MS CVEs found: " + str(len(cve_ids)))
    cves_text = "\n".join(cve_ids)

    query = month + " " + year + " " + "Patch Tuesday"
    comments = {}

    def collect(label, key, find_link, fetch_text, postprocess=None):
        # A caller-supplied link always wins; the search runs only when the
        # vendor is absent from comments_links.
        if label in comments_links:
            link = comments_links[label]
        else:
            link = find_link()
        if not link:
            return  # no write-up found: this vendor gets no comment entry
        text = fetch_text(link['url'])
        if postprocess is not None:
            text = postprocess(text)
        # The logged query is always the generic one, even when the link came
        # from comments_links or from a different search string (ZDI).
        log(label + " query: " + query)
        log(label + " url found: " + link['url'])
        log("=== " + label + " text ===")
        log(text)
        log("=== End of " + label + " text ===")
        comments[key] = text

    def find_zdi_link():
        # ZDI is located through site-restricted web searches rather than a
        # vendor-specific lookup helper.
        zdi_queries = [
            "site:https://www.zerodayinitiative.com/blog THE " + month + " " +
            year + " SECURITY UPDATE REVIEW",
            "site:https://www.thezdi.com/blog Microsoft Patches for " + month +
            " " + year
        ]
        return sites.get_duckduckgo_search_results_multiple_queries(
            zdi_queries)

    collect("Qualys", 'qualys', lambda: sites.get_qualys_link(query),
            sites.get_qualys_text_from_url, sites.process_qualys_text)
    collect("Tenable", 'tenable', lambda: sites.get_tenable_link(query),
            sites.get_tenable_text_from_url)
    collect("Rapid7", 'rapid7', lambda: sites.get_rapid7_link(query),
            sites.get_rapid7_text_from_url)
    collect("ZDI", 'zdi', find_zdi_link, sites.get_zdi_text_from_url)

    report_id = month + " " + year
    report_name = 'Microsoft Patch Tuesday, ' + month + " " + year
    file_name_prefix = "ms_patch_tuesday_" + month.lower() + year
    all_data_sources = None  # None means: use all data sources
    no_products_text = ""
    functions_profile.save_profile(
        "data/profiles/" + file_name, report_id, report_name,
        file_name_prefix, cves_text, no_products_text, all_data_sources,
        comments)
コード例 #2
import functions_profile
import functions_report_vulnerabilities

# Build a profile called "test" from two local list files, save it, and then
# generate the vulnerability report for that profile.
name = "test"
report_id = name + "_report"
report_name = name + ' report'
file_name_prefix = name.lower()
file_name = name + "_profile.json"
profile_file_path = "data/profiles/" + file_name

# Data source identifiers handed to save_profile.
data_sources = ['ms', 'nvd', 'vulners', 'attackerkb']

# Free-text notes stored with the profile; both are left empty here.
comments = {
    "hosts": '''''',
    "recent_attack": '''''',
}

# Passed through to the report builder unchanged.
# NOTE(review): presumably controls whether existing data is regenerated -
# confirm against make_vulnerability_report_for_profile.
rewrite_flag = False

# Both input files are resolved relative to the current working directory and
# read with the locale's default encoding (no encoding= is given).
with open('analyze_cve_list.txt', 'r') as cve_list_file:
    cves_text = cve_list_file.read()

with open('analyze_product_list.txt', 'r') as product_list_file:
    products_text = product_list_file.read()

functions_profile.save_profile(
    profile_file_path, report_id, report_name, file_name_prefix, cves_text,
    products_text, data_sources, comments)
functions_report_vulnerabilities.make_vulnerability_report_for_profile(
    profile_file_path, rewrite_flag)
コード例 #3
def create_profile(month, year, patch_tuesday_date, file_name):
    """Build and save the profile (JSON file) for one Microsoft Patch Tuesday.

    Args:
        month: Month name as text, e.g. "October".
        year: Year as text, e.g. "2020".
        patch_tuesday_date: Release date as text, e.g. "10/13/2020". It is
            used as both ends of the MS CVE date range.
        file_name: Profile file name, appended to "data/profiles/".

    NOTE(review): each link is indexed with ['url'] without checking that the
    lookup returned anything, so a vendor whose write-up cannot be found
    would stop the whole run with an exception instead of being skipped.

    NOTE(review): file_name is concatenated into the path without any
    normalisation, so a value containing path separators or ".." resolves
    outside data/profiles/. Callers should pass a bare file name.

    NOTE(review): the URLs come from search results and are fetched as-is.
    Whether the fetch helpers restrict the host to the expected vendor site
    is not visible here - confirm. The fetched text is third-party content,
    stored verbatim in the profile and echoed to the debug log.
    """
    log = functions_tools.print_debug_message
    sites = functions_source_analytic_sites

    log("Year: " + year)
    log("Month: " + month)
    log("Date: " + patch_tuesday_date)
    cve_ids = functions_source_ms_cve.get_ms_cves_for_date_range(
        patch_tuesday_date, patch_tuesday_date)
    log("MS CVEs found: " + str(len(cve_ids)))
    cves_text = "\n".join(cve_ids)

    query = month + " " + year + " " + "Patch Tuesday"

    def pull(label, link, fetch_text):
        # Fetch the vendor write-up behind link['url'] and log what was found.
        # The logged query is always the generic one, even for ZDI, whose
        # link came from a different search string.
        text = fetch_text(link['url'])
        log(label + " query: " + query)
        log(label + " url found: " + link['url'])
        log("=== " + label + " text ===")
        log(text)
        log("=== End of " + label + " text ===")
        return text

    qualys_text = pull("Qualys", sites.get_qualys_link(query),
                       sites.get_qualys_text_from_url)
    tenable_text = pull("Tenable", sites.get_tenable_link(query),
                        sites.get_tenable_text_from_url)
    rapid7_text = pull("Rapid7", sites.get_rapid7_link(query),
                       sites.get_rapid7_text_from_url)

    # ZDI is located through a site-restricted web search.
    zdi_queries = [
        "site:https://www.thezdi.com/blog Microsoft Patches for " + month + " " + year
    ]
    zdi_text = pull(
        "ZDI",
        sites.get_duckduckgo_search_results_multiple_queries(zdi_queries),
        sites.get_zdi_text_from_url)

    comments = dict(qualys=qualys_text, tenable=tenable_text,
                    rapid7=rapid7_text, zdi=zdi_text)

    report_id = month + " " + year
    report_name = 'Microsoft Patch Tuesday, ' + month + " " + year
    file_name_prefix = "ms_patch_tuesday_" + month.lower() + year
    all_data_sources = None  # None means: use all data sources

    # NOTE(review): no products text is passed in this call - confirm the
    # argument list against the save_profile signature in use.
    functions_profile.save_profile(
        "data/profiles/" + file_name, report_id, report_name,
        file_name_prefix, cves_text, all_data_sources, comments)