Skip to content
/ cisa-known-vuln-scraper Public

Scraper for daily renewal of the Known Exploited Vulnerabilities Catalog by CISA

benjitrapp.github.io
5 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

BenjiTrapp/cisa-known-vuln-scraper

BranchesTags

Repository files navigation

Daily scraper of CISA KEV json


Daily scaraping of Known Exploited Vulnerabilities @ CISA

Mirroring https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.jsondaily and stores it on GitHub, since CISA restricts access and applys rate limites. This simply helps to keep everything at one place, and my automation up and running.

How it works

The magic is done with the help of this GitHub Action

How to consume it

You can simply grep the file and search in it like this:

# Store file
curl https://raw.githubusercontent.com/BenjiTrapp/cisa-known-vuln-scraper/main/cisa-kev.json -o cisa-kev.json

# Search by product name
jq -r '.vulnerabilities[] | select(.product == "FTA")' cisa-kev.json

# Search by Product name
jq -r '.vulnerabilities[] | select(.vendorProject == "Progress")' cisa-kev.json

# Search by CVE
jq -r '.vulnerabilities[] | select(.cveID == "CVE-2023-34362")' cisa-kev.json

For integration within Gradle it would look like this:

dependencyCheck {
    analyzers {
        knownExploitedURL = "https://raw.githubusercontent.com/BenjiTrapp/cisa-known-vuln-scraper/main/cisa-kev.json"
    }
}

About

Scraper for daily renewal of the Known Exploited Vulnerabilities Catalog by CISA

benjitrapp.github.io

Topics

vulnerability-management cisa github-actions known-vuln cisa-kev

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages