HackDig : Dig high-quality web security articles for hacker

Tool Tip: vFeed, (Wed, Nov 5th)

2014-11-05 01:40

I have had a number of occasions lately to use or talk about vFeed from Toolswatch.org (@toolwatch). NJ a useful Python CLI tool that pulls CVEs and other Mitre datasets.

From the vFeed Github repo: vFeed framework is an open source naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML schema. It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other standards and security references.

I was reminded of vFeed when @FruityWifi included a vFeed module in the latest FruityWifi release, a topic for my latest toolsmith column, Inside and Outside the Wire with FruityWifi " />

Figure 1: vFeed usage

You can use the likes of vfeedcli.py search CVE-2014-6271 to look for everyone" />

Figure 2: vFeed search

Note that vFeed recommend that I export that CVE for more information. Ok, I will! The result is an XML file that includes every facet of the vulnerability including all the reference URLs, cross references, vulnerable targets (CPE), risk scoring (CVSS), patch management details, attack patterns, assessment data (exploits vuln scanning), and even Snort Suricata signature details. I love vFeed so much I even wrote a little R app to parse vFeed XML exports for quick summaries (will be sharing in December as part of a Linux Magazine article, Security Data Analytics ">|">@holisticinfosec

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.


Source: ssr;pma&71981=diyrots?lmth.yraid/ude.snas.csi

Read:2329 | Comments:0 | Tags:No Tag

“Tool Tip: vFeed, (Wed, Nov 5th)”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code: