Code Monkey home page Code Monkey logo

scrapy-cve-cnvd's Introduction

Scrapy-CVE-CNVD

基于scrapy框架,获取每日最新的CVE和CNVD漏洞,主要目的用于安全研究,获取最新安全咨询,无任何漏洞利用细节,严禁用于非法活动。

为了保证信息的易读性,CVE漏洞详细信息主要参照CNNVD官网信息,可能导致部分CVE无法被收录。更多信息可以通过关注CVE官方的Twitter获取。

Start

Docker-compose部署

修改crontabfile配置邮箱等信息

PATH=/opt/someApp/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# 个人的账号信息
[email protected]
EMAIL_PASS=xxxxxxxxxxxxxx
[email protected]
# 10分钟执行一次
*/10 * * * * cd /root/vuls && ./run.sh >> /var/log/cron.log

构建(网络问题多重试几次)

cd Scrapy-CVE-CNVD
docker-compose build

运行(首次运行需等待一段时间)

docker-compose up -d

本地部署

下载项目

git clone https://github.com/ttonys/Scrapy-CVE-CNVD

安装依赖(python3环境)

pip install -r requirements.txt

redis安装----docker

docker pull redis
docker run -itd --name redis-test -p 6379:6379 redis

redis安装----本机

参照网上教程

修改配置,Scrapy-CVE-CNVD/OnePiece/pipelines.py文件36-38行,使用自己注册163邮箱,以及所获取的授权码(非个人密码)

fromaddr = '[email protected]'
password = 'xxxxxxxxxxxxxx'
toaddrs = '[email protected]'

修改配置,Scrapy-CVE-CNVD/OnePiece/settings.py文件,配置个人的redis服务器ip、端口和密码

REDIS_HOST = '127.0.0.1'
REDIS_PORT = 6379
REDIS_PARAMS = {
'password': '123456',
}

修改配置,Scrapy-CVE-CNVD/run.sh中,将路径修改为自己本机的路径,参照如下:

#!/bin/bash
cd /root/Scrapy-CVE-CNVD
/usr/local/bin/scrapy crawl all-redis

测试,将Scrapy-CVE-CNVD路径下文件改为755权限(chmod -R 755 Scrapy-CVE-CNVD),运行./run.sh,查看是否收到邮件通知

添加定时任务,注意使用绝对路径,按照本机实际路径填写,参考如下(每天下午2点半执行):

30 14 * * * /root/Scrapy-CVE-CNVD/run.sh

Source

国家信息安全漏洞共享平台

https://www.cnvd.org.cn/

国家信息安全漏洞库

http://www.cnnvd.org.cn/

today-cve

https://cassandra.cerias.purdue.edu/CVE_changes/today.html

cve官网

https://cve.mitre.org/

Demo

数据保存

image-20200329213227688

邮件内容

image-20200329213718480

scrapy-cve-cnvd's People

Contributors

ttonys avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.