                         #!/usr/bin/env python
import warnings
import requests
import datetime
import pathlib
import json
import os
import yaml

# Ignore every DeprecationWarning raised in this process from here on. The
# filter is not scoped to this script, so deprecation notices coming from the
# imported libraries are hidden as well.
warnings.filterwarnings("ignore", category=DeprecationWarning)
import logging, sys

from os.path import join
from enum import Enum
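# NVD CVE API 2.0 endpoint; the query string is appended by requests.
NVD_API_URL = "https://services.nvd.nist.gov/rest/json/cves/2.0/?"

# A Teams incoming-webhook URL works as a bearer secret: anyone who has it can
# post into the channel. Read it from the environment so it is never committed
# or pasted together with the script. Empty string when the variable is unset.
TEAMS_WEBHOOK_URL = os.environ.get("TEAMS_WEBHOOK_URL", "")

# Each entry is sent to NVD as the keywordSearch value, one request per entry.
# NOTE(review): short generic keywords such as "Edge", "Linux" or "PHP"
# presumably match many unrelated CVE descriptions - confirm the noise level
# is acceptable, or narrow the terms.
APPLICATIONS = [
    "Microsoft Windows",
    "Google Chrome",
    "Mozilla Firefox",
    "Adobe Acrobat Reader",
    "Adobe Flash Player",
    "Apple macOS",
    "Apple iOS",
    "Microsoft Internet Explorer",
    "Edge",
    "Linux",
    "Android OS",
    "Apache HTTP Server",
    "Nginx",
    "PHP",
    "MySQL",
    "Oracle Database",
    "Microsoft SQL Server",
    "Apache Tomcat",
    "OpenSSL",
    "OpenSSH",
    "WordPress",
    "Joomla",
    "Drupal",
    "VMware vSphere/ESXi",
    "Cisco IOS",
    "SAP NetWeaver",
    "IBM WebSphere",
    "Cisco ASA",
    "Microsoft Exchange Server",
    "Citrix ADC",
    "Docker",
]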


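# Fetch the CVEs for a specific application
def fetch_cves_for_application(application_name):
    """Return NVD vulnerability records published yesterday for one keyword.

    Queries the NVD CVE API with ``keywordSearch=application_name`` and
    ``cvssV3Severity=HIGH`` for the window from yesterday 00:00:00 to today
    00:00:00 (local date; no timezone offset is sent).

    Args:
        application_name: Keyword string passed to NVD as ``keywordSearch``.

    Returns:
        The ``vulnerabilities`` list from the response, or ``[]`` when the
        request fails, returns a non-200 status, or the body is not JSON.
        A failed lookup is therefore indistinguishable from "nothing
        published" for the caller; the printed message is the only trace,
        so an empty result is not proof that no CVE was published.
    """
    stamp_format = "%Y-%m-%dT%H:%M:%S"
    today = datetime.date.today()
    yesterday = today - datetime.timedelta(days=1)
    params = {
        "keywordSearch": application_name,  # Search for CVEs related to this application
        # date objects render the time fields as 00:00:00
        "pubStartDate": yesterday.strftime(stamp_format),  # Fetch CVEs from yesterday
        "pubEndDate": today.strftime(stamp_format),
        # NOTE(review): this selects the HIGH rating only; CRITICAL is a
        # separate rating and does not appear to be returned by this query -
        # confirm that is intended.
        "cvssV3Severity": "HIGH",
    }

    # Make the API request. The timeout keeps one stalled connection from
    # hanging the whole run; network errors are reported instead of aborting
    # the remaining applications.
    try:
        response = requests.get(NVD_API_URL, params=params, timeout=30)
    except requests.RequestException as exc:
        print(f"Failed to fetch data for {application_name} from NVD API. Error: {type(exc).__name__}")
        return []

    if response.status_code != 200:
        print(f"Failed to fetch data for {application_name} from NVD API. Status code: {response.status_code}")
        return []

    try:
        cve_data = response.json()
    except ValueError:
        # A 200 with a non-JSON body (for example an intermediary's error page).
        print(f"Failed to parse NVD API response for {application_name}.")
        return []
    return cve_data.get("vulnerabilities", [])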

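# Send a single message with all CVEs for all applications to Microsoft Teams
def send_all_cves_to_teams(cve_summary):
    """Post one Teams message containing every collected CVE entry.

    Args:
        cve_summary: List of pre-formatted text fragments, one per
            application. When it is empty, a "no new CVEs" notice is sent
            instead.

    Returns:
        None. The outcome is reported on stdout only.
    """
    if cve_summary:
        # Prepare a single message containing all CVEs for all applications
        message_text = "\n".join(cve_summary)
        message = {
            "text": f"Here are the latest CVEs:\n\n{message_text}"
        }
    else:
        # No CVEs found, send a notification stating no CVEs found
        message = {
            "text": "No new CVEs found for the specified applications."
        }

    # An unset webhook would make requests raise on the empty URL; report it
    # as a configuration problem instead of a traceback.
    if not TEAMS_WEBHOOK_URL:
        print("Failed to send message to Teams. TEAMS_WEBHOOK_URL is not configured.")
        return

    # Post the message to the Teams webhook
    headers = {
        'Content-Type': 'application/json'
    }
    try:
        response = requests.post(
            TEAMS_WEBHOOK_URL,
            headers=headers,
            data=json.dumps(message),
            timeout=30,  # do not block forever on a stalled connection
        )
    except requests.RequestException as exc:
        # Only the exception type is printed: the exception text can embed the
        # request URL, and the webhook URL is a secret that must stay out of
        # logs.
        print(f"Failed to send message to Teams. Error: {type(exc).__name__}")
        return

    if response.status_code == 200:
        print("Message sent to Teams successfully.")
    else:
        print(f"Failed to send message to Teams. Status code: {response.status_code}")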

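# Helpers used by main() to render one NVD record without assuming that every
# optional field is present.
def _cve_severity(record):
    """Return the CVSS v3 base severity of an NVD CVE record, or "UNKNOWN"."""
    metrics = record.get("metrics") or {}
    # A record may carry its v3 score under cvssMetricV30 rather than
    # cvssMetricV31; indexing only the latter raises KeyError and aborts the
    # whole report.
    for metric_key in ("cvssMetricV31", "cvssMetricV30"):
        entries = metrics.get(metric_key) or []
        if entries:
            return entries[0].get("cvssData", {}).get("baseSeverity", "UNKNOWN")
    return "UNKNOWN"


def _format_cve(cve):
    """Render one NVD vulnerability entry as a Markdown fragment for Teams."""
    record = cve.get("cve") or {}
    cve_id = record.get("id", "UNKNOWN")

    descriptions = record.get("descriptions") or []
    description = descriptions[0].get("value", "") if descriptions else "No description available."

    # Records without references fall back to the NVD detail page for the ID.
    references = record.get("references") or []
    details = references[0].get("url") if references else None
    if not details:
        details = f"https://nvd.nist.gov/vuln/detail/{cve_id}"

    # The description and reference URL are remote text placed into Markdown
    # as-is; Teams renders whatever markup they contain.
    return (
        "\n\n - --------------------------\n\n"
        f"**CVE ID**: {cve_id}\n\n"
        f"**Description**: {description}\n\n"
        f"**Severity**: {_cve_severity(record)}\n\n"
        f"**Details**: {details}\n\n"
    )


# Main function to fetch and send CVEs to Teams
def main():
    """Collect CVEs for every entry in APPLICATIONS and post one Teams message.

    Applications with no results are left out of the message.
    """
    cve_summary = []  # List to accumulate all CVE data

    # NOTE(review): the loop issues one NVD request per application with no
    # pause and no API key. NVD rate-limits unauthenticated clients, and a
    # throttled lookup comes back from fetch_cves_for_application as an empty
    # list, so a rate-limited run can end in "No new CVEs found". Consider
    # pacing the loop or using an API key.
    for app in APPLICATIONS:
        cves = fetch_cves_for_application(app)
        if not cves:
            continue
        # Format CVEs for this application and add them to the summary list
        cve_list = "\n\n".join(_format_cve(cve) for cve in cves)
        cve_summary.append("\n\n - --------------------------\n\n"
            f"**Application**: {app}\n{cve_list}")

    # Send the accumulated CVEs to Teams
    # NOTE(review): everything goes into a single message; a large day may
    # exceed the size a Teams webhook accepts - verify and split if needed.
    send_all_cves_to_teams(cve_summary)


if __name__ == "__main__":
    main()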
                      
                                       