Metadata-Version: 2.4
Name: TsunamiSight
Version: 0.1.0
Summary: A client that extracts vulnerability observations from Google's Tsunami Security Scanner plugin repository and pushes them to a Vulnerability-Lookup instance.
License-Expression: GPL-3.0-or-later
License-File: COPYING
Keywords: Vulnerability-Lookup,Vulnerability,CVE,Tsunami
Author: Philippe Parage
Author-email: philippe@ppa.lu
Requires-Python: >=3.10,<4.0
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Science/Research
Classifier: License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)
Classifier: Operating System :: POSIX :: Linux
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Programming Language :: Python :: 3.14
Classifier: Topic :: Security
Provides-Extra: test
Requires-Dist: pytest (>=8.0) ; extra == "test"
Requires-Dist: pytest-mock (>=3.12) ; extra == "test"
Requires-Dist: pyvulnerabilitylookup (>=2.14.0)
Requires-Dist: requests (>=2.32.5)
Requires-Dist: valkey (>=6.1.0,<7.0.0)
Project-URL: Changelog, https://github.com/vulnerability-lookup/TsunamiSight/blob/main/CHANGELOG.md
Project-URL: Homepage, https://github.com/vulnerability-lookup/TsunamiSight
Project-URL: Repository, https://github.com/vulnerability-lookup/TsunamiSight
Description-Content-Type: text/markdown

# TsunamiSight

A client that extracts vulnerability-related observations from the
[Tsunami Security Scanner plugins](https://github.com/google/tsunami-security-scanner-plugins)
repository and publishes them as
[sightings](https://www.vulnerability-lookup.org/user-manual/sightings/)
on a Vulnerability-Lookup instance.

Each committed Tsunami detector is a compiled, executable proof-of-concept for
a specific vulnerability. TsunamiSight emits one sighting per `(plugin, CVE)`
pair with the default type `published-proof-of-concept`.

## Installation

```bash
$ pipx install TsunamiSight
$ export TSUNAMISIGHT_CONFIG=~/.TsunamiSight/conf.py
$ git clone https://github.com/google/tsunami-security-scanner-plugins.git tsunami-security-scanner-plugins
```

Copy `tsunamisight/conf_sample.py` to your chosen config path and fill in the
token + URL.

### With Docker

```bash
git clone <this repo>
cd TsunamiSight
cp tsunamisight/conf_sample.py tsunamisight/conf.py   # then fill in token
docker compose up --build
```

## Usage

```
TsunamiSight --help
usage: TsunamiSight [-h] [--init] [--dry-run]

Extract CVE references from the Tsunami plugins repo and publish sightings.

options:
  -h, --help   show this help message and exit
  --init       Full sweep: emit sightings for every CVE-bearing plugin.
  --dry-run    Parse and print (plugin, CVE, timestamp) triples without POSTing.
```

## License

GNU General Public License v3 or later. See `COPYING`.

