def create_profile(month, year, patch_tuesday_date, comments_links, file_name):
    """Build and save the profile (JSON file) for one Microsoft Patch Tuesday.

    Collects the Microsoft CVE ids for the release date, gathers vendor
    write-ups (Qualys, Tenable, Rapid7, ZDI) as comments and hands everything
    to functions_profile.save_profile.

    Args:
        month: Month name as a string, e.g. "October".
        year: Year as a string, e.g. "2020".
        patch_tuesday_date: Release date as a string, e.g. "10/13/2020"; it
            is passed as both ends of the MS CVE date range.
        comments_links: Mapping from vendor label ("Qualys", "Tenable",
            "Rapid7", "ZDI") to a link dict such as
            {'title': '...', 'url': 'https://...'}. A label present here is
            used instead of the automatic search for that vendor; if its
            value is falsy the vendor is skipped, with no search fallback.
        file_name: Profile file name, appended to "data/profiles/".

    NOTE(review): file_name is concatenated into the path unchanged; confirm
    callers never pass path separators or "..".
    NOTE(review): link['url'] is handed to the vendor text helpers as given,
    and the returned third-party text is stored verbatim in the profile;
    presumably it should be treated as untrusted wherever the profile is
    rendered. Confirm against the report generator.
    """
    log = functions_tools.print_debug_message

    log("Year: " + year)
    log("Month: " + month)
    log("Date: " + patch_tuesday_date)

    # A single-day range: the same date is both the start and the end.
    cve_ids = functions_source_ms_cve.get_ms_cves_for_date_range(
        patch_tuesday_date, patch_tuesday_date)
    log("MS CVEs found: " + str(len(cve_ids)))
    cve_lines = "\n".join(cve_ids)

    query = " ".join((month, year, "Patch Tuesday"))
    sites = functions_source_analytic_sites
    comments = {}

    def gather(label, key, locate, download, refine=None):
        # One vendor: take the caller-supplied link if there is one, else
        # search; fetch the text, log it and store it under `key`.
        link = comments_links[label] if label in comments_links else locate()
        if not link:
            return
        text = download(link['url'])
        if refine is not None:
            text = refine(text)
        # The generic query is logged for every vendor, ZDI included, even
        # though the ZDI search uses its own query strings.
        log(label + " query: " + query)
        log(label + " url found: " + link['url'])
        log("=== " + label + " text ===")
        log(text)
        log("=== End of " + label + " text ===")
        comments[key] = text

    def find_zdi_link():
        # ZDI posts are looked up with site-restricted search queries.
        searches = [
            "site:https://www.zerodayinitiative.com/blog THE " + month + " "
            + year + " SECURITY UPDATE REVIEW",
            "site:https://www.thezdi.com/blog Microsoft Patches for " + month
            + " " + year,
        ]
        return sites.get_duckduckgo_search_results_multiple_queries(searches)

    # Lambdas keep the helper lookups lazy: a helper is only touched when
    # its vendor actually needs it.
    gather("Qualys", "qualys",
           lambda: sites.get_qualys_link(query),
           lambda url: sites.get_qualys_text_from_url(url),
           lambda raw: sites.process_qualys_text(raw))
    gather("Tenable", "tenable",
           lambda: sites.get_tenable_link(query),
           lambda url: sites.get_tenable_text_from_url(url))
    gather("Rapid7", "rapid7",
           lambda: sites.get_rapid7_link(query),
           lambda url: sites.get_rapid7_text_from_url(url))
    gather("ZDI", "zdi",
           find_zdi_link,
           lambda url: sites.get_zdi_text_from_url(url))

    period = month + " " + year
    functions_profile.save_profile(
        "data/profiles/" + file_name,
        period,                                      # report_id
        'Microsoft Patch Tuesday, ' + period,        # report_name
        "ms_patch_tuesday_" + month.lower() + year,  # file_name_prefix
        cve_lines,                                   # cves_text
        "",                                          # products_text
        None,                                        # data_sources: use all
        comments,
    )
import functions_profile
import functions_report_vulnerabilities

# Ad-hoc run: build a profile from two local text files, save it under
# data/profiles/ and generate the vulnerability report for it.
name = "test"
report_id = name + "_report"
report_name = name + ' report'
file_name = name + "_profile.json"
file_name_prefix = name.lower()
profile_file_path = "data/profiles/" + file_name

# Both input files are read whole, using the platform default encoding.
with open('analyze_cve_list.txt', 'r') as cve_list_file:
    cves_text = cve_list_file.read()
with open('analyze_product_list.txt', 'r') as product_list_file:
    products_text = product_list_file.read()

# Data sources passed to save_profile for this profile.
data_sources = ['ms', 'nvd', 'vulners', 'attackerkb']

# Free-text comment sections, left empty here.
comments = {
    "hosts": '''''',
    "recent_attack": '''''',
}

# NOTE(review): presumably controls whether existing data is rewritten when
# the report is built; confirm in functions_report_vulnerabilities.
rewrite_flag = False

functions_profile.save_profile(
    profile_file_path,
    report_id,
    report_name,
    file_name_prefix,
    cves_text,
    products_text,
    data_sources,
    comments,
)
functions_report_vulnerabilities.make_vulnerability_report_for_profile(
    profile_file_path, rewrite_flag)
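def create_profile(month, year, patch_tuesday_date, file_name):
    """Build and save the profile (JSON file) for one Microsoft Patch Tuesday.

    Collects the Microsoft CVE ids for the release date, searches for the
    Qualys, Tenable, Rapid7 and ZDI write-ups, and saves their text as
    comments through functions_profile.save_profile.

    A vendor whose link search returns nothing is logged and skipped, so its
    key is absent from the saved comments. Previously the code indexed
    link['url'] unconditionally and raised when a search came back empty.

    Args:
        month: Month name as a string, e.g. "October".
        year: Year as a string, e.g. "2020".
        patch_tuesday_date: Release date as a string, e.g. "10/13/2020"; it
            is passed as both ends of the MS CVE date range.
        file_name: Profile file name, appended to "data/profiles/".

    NOTE(review): file_name is concatenated into the path unchanged; confirm
    callers never pass path separators or "..".
    NOTE(review): the vendor text is third-party content stored verbatim in
    the profile; presumably it should be treated as untrusted wherever the
    profile is rendered. Confirm against the report generator.
    """
    log = functions_tools.print_debug_message

    log("Year: " + year)
    log("Month: " + month)
    log("Date: " + patch_tuesday_date)

    # A single-day range: the same date is both the start and the end.
    cve_ids = functions_source_ms_cve.get_ms_cves_for_date_range(
        patch_tuesday_date, patch_tuesday_date)
    log("MS CVEs found: " + str(len(cve_ids)))
    cves_text = "\n".join(cve_ids)

    query = month + " " + year + " " + "Patch Tuesday"
    sites = functions_source_analytic_sites

    # ZDI posts are looked up with a site-restricted search query.
    zdi_queries = [
        "site:https://www.thezdi.com/blog Microsoft Patches for " + month
        + " " + year
    ]

    # (label, comments key, link lookup, text download); lambdas keep each
    # helper lookup lazy until its vendor is processed.
    sources = (
        ("Qualys", "qualys",
         lambda: sites.get_qualys_link(query),
         lambda url: sites.get_qualys_text_from_url(url)),
        ("Tenable", "tenable",
         lambda: sites.get_tenable_link(query),
         lambda url: sites.get_tenable_text_from_url(url)),
        ("Rapid7", "rapid7",
         lambda: sites.get_rapid7_link(query),
         lambda url: sites.get_rapid7_text_from_url(url)),
        ("ZDI", "zdi",
         lambda: sites.get_duckduckgo_search_results_multiple_queries(
             zdi_queries),
         lambda url: sites.get_zdi_text_from_url(url)),
    )

    comments = {}
    for label, key, locate, download in sources:
        link = locate()
        if not link:
            # No search result: skip this vendor rather than fail the whole
            # profile on link['url'].
            log(label + " link not found, skipping")
            continue
        text = download(link['url'])
        # The generic query is logged for every vendor, ZDI included, even
        # though the ZDI search uses its own query string.
        log(label + " query: " + query)
        log(label + " url found: " + link['url'])
        log("=== " + label + " text ===")
        log(text)
        log("=== End of " + label + " text ===")
        comments[key] = text

    report_id = month + " " + year
    report_name = 'Microsoft Patch Tuesday, ' + month + " " + year
    file_name_prefix = "ms_patch_tuesday_" + month.lower() + year
    data_sources = None  # Use all data sources
    functions_profile.save_profile(
        "data/profiles/" + file_name,
        report_id,
        report_name,
        file_name_prefix,
        cves_text,
        data_sources,
        comments,
    )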