Light

vulnerscom / grype_vulners Goto Github PK

View Code? Open in Web Editor NEW

1.0 2.0 0.0 1 KB

Shell 100.00%

grype_vulners's Introduction

Grype-vulners-db

Enchance Grype security scanner with vulners.com database with AI based vulnerability scoring, exploit prediction, analytics and more:

vulnersScore - AI based vulnerability score
epss - Exploit Prediction Scoring System score
cvss2, cvss3 - CVSS v2 and v3 scores
aiDescription - Shortened vulnerability description
aiTags - Tags showing vulnerability types, vendor and product names
isWildExploited - known facts of vulnerability exploited in the wild
exploitsCount - number of known exploits for vulnerability
href - link to vulnerability page on vulners.com

Installation

Clone repository
set environment variable to disable auto updates (important for updating by schedule per day)

export GRYPE_DB_AUTO_UPDATE=false
replace Vulners apikey inside grype-vulners-db-update.sh, for example:

apiKey=ZNDI...DXI3S
replace path, username and group inside grype-vulners-update.service

User=your_username

Group=your_group

ExecStart=bin/bash /path/to/grype_vulners/grype-vulners-db-update.sh
make sh file executable

chmod +x /path/to/grype_vulners/grype-vulners-db-update.sh
add workers for databases daily updates

systemctl daemon-reload

systemctl enable /path/to/grype_vulners/grype-vulners-update.service

systemctl enable /path/to/grype_vulners/grype-vulners-update.timer
start worker

systemctl start grype-vulners-update.timer

Compare it!

update grype db without vulners db

grype db update
run command

grype debian -o json > grype_example.json
start worker following the instructions above and run command again

grype debian -o json > grype_vulners_example.json

grype_vulners's People

Contributors

Stargazers

Watchers

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.