Metadata-Version: 2.1
Name: cvetrends
Version: 0.0.1
Summary: cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com
Home-page: https://github.com/puzzlepeaches/cvetrends
License: BSD 3-Clause License
Author: Nicholas
Author-email: nanastasi@sprocketsecurity.com
Requires-Python: >=3.8,<4.0
Classifier: Environment :: Console
Classifier: License :: Other/Proprietary License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Topic :: Security
Requires-Dist: click
Requires-Dist: click-config-file
Requires-Dist: notifiers (>=1.3.3,<2.0.0)
Requires-Dist: python-box (>=6.0.2,<7.0.0)
Requires-Dist: requests (>=2.27.1,<3.0.0)
Requires-Dist: rich (>=12.4.1,<13.0.0)
Requires-Dist: rich-click (>=1.5.2,<2.0.0)
Project-URL: Repository, https://github.com/puzzlepeaches/cvetrends
Description-Content-Type: text/markdown

<div align="center">
 
# cvet

  <img width="1030" alt="02082022_12 53-000469" src="https://user-images.githubusercontent.com/8538866/182379468-62be89b8-a4d3-4232-987a-8576906e0a63.png">

 <br><br>
 
cvet is a Python utility for pulling actionable vulnerabilities from [cvetrends.com](https://cvetrends.com/).

Find out more information at our [blog](https://www.sprocketsecurity.com/resources/cve-trends-command-line-tool).
<br>

[Installation](#installation) /
[Usage](#usage)

</div><br>

</div>
<br>

## Installation

cvet can be installed from PyPi using the following command:

```
pipx install cvet
```

If this tool is not yet availible via PyPi, you can install it directly from the repository using:

```
git clone https://github.com/Sprocket-Security/cvetrends.git
cd cvetrends && pip3 install .
```

For development, clone the repository and install it locally using poetry.

```
git clone https://github.com/Sprocket-Security/cvetrends.git && cd cvetrends
poetry shell 
poetry install
```

<br>

## Usage

The cvet help menu is shown below:

```
 Usage: cvet [OPTIONS] [[day|week]]                                                                                              
                                                                                                                                 
 cvetrends.com CLI                                                                                                               
                                                                                                                                 
╭─ Arguments ───────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ TIME_FRAME    [[day|week]]                                                                                                    │
╰───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
╭─ Options ─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ --notify          -n   TEXT     Slack webhook to notify on run                                                                │
│ --repo-threshold  -rt  INTEGER  Number of repos needed to show CVE. [default: 1]                                              │
│ --help            -h            Show this message and exit.                                                                   │
╰───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
```

cvet can query time frames of 24 hours or 7 days using a value of `day` or `week`. The default is `day`.

```
cvet week 
```

Results are returned in a pretty table format and only vulnerabilities that have more than `-rt` PoC GitHub repos published are shown. The default is 1.

```
cvet day -rt 2
```

cvet also allows you to specify a Slack webhook to notify on run using the `-n` or `--notify` flag. This is useful if you want to be notified of new vulnerabilities and run this tool on a cron.

```
cvet -n https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX -rt 2 
```

An example Slack notification is shown below:

<img width="877" alt="02082022_12 54-000470" src="https://user-images.githubusercontent.com/8538866/182379759-238c40a8-383f-4808-95c6-928eaf537f85.png">



