mirror of
https://github.com/cve-search/cpe-guesser.git
synced 2024-11-24 15:57:22 +00:00
chg: [doc] README updated
This commit is contained in:
parent
109466e062
commit
f238ca83d4
1 changed files with 67 additions and 1 deletions
68
README.md
68
README.md
|
@ -1,6 +1,6 @@
|
|||
# CPE guesser
|
||||
|
||||
CPE guesser is a web service to guess the CPE name based on one or more keyword(s). Then the result can
|
||||
CPE guesser is a command-line or web service to guess the CPE name based on one or more keyword(s). Then the result can
|
||||
be used against [cve-search](https://github.com/cve-search/cve-search) to do actual searches by CPE names.
|
||||
|
||||
## Requirements
|
||||
|
@ -8,6 +8,66 @@ be used against [cve-search](https://github.com/cve-search/cve-search) to do act
|
|||
- Redis
|
||||
- Python
|
||||
|
||||
## Usage
|
||||
|
||||
To use CPE guesser, you have to initialise the Redis database with `import.py`. Then you can use
|
||||
the software with `lookup.py` to find the most probable CPE matching the keywords provided.
|
||||
|
||||
### Command line - `lookup.py`
|
||||
|
||||
~~~~
|
||||
usage: lookup.py [-h] [--word WORD]
|
||||
|
||||
Find potential CPE names from a list of keyword(s) and return a JSON of the results
|
||||
|
||||
optional arguments:
|
||||
-h, --help show this help message and exit
|
||||
--word WORD One or more keyword(s) to lookup
|
||||
~~~~
|
||||
|
||||
|
||||
~~~~
|
||||
python3 lookup.py --word microsoft --word sql --word server | jq .
|
||||
[
|
||||
[
|
||||
51076,
|
||||
"cpe:2.3:a:microsoft:sql_server_2017_reporting_services"
|
||||
],
|
||||
[
|
||||
51077,
|
||||
"cpe:2.3:a:microsoft:sql_server_2019_reporting_services"
|
||||
],
|
||||
[
|
||||
57612,
|
||||
"cpe:2.3:a:quest:intrust_knowledge_pack_for_microsoft_sql_server"
|
||||
],
|
||||
[
|
||||
60090,
|
||||
"cpe:2.3:o:microsoft:sql_server"
|
||||
],
|
||||
[
|
||||
60660,
|
||||
"cpe:2.3:a:microsoft:sql_server_desktop_engine"
|
||||
],
|
||||
[
|
||||
64489,
|
||||
"cpe:2.3:a:microsoft:sql_server_reporting_services"
|
||||
],
|
||||
[
|
||||
75465,
|
||||
"cpe:2.3:a:microsoft:sql_server_management_studio"
|
||||
],
|
||||
[
|
||||
77161,
|
||||
"cpe:2.3:a:microsoft:sql_server"
|
||||
],
|
||||
[
|
||||
77793,
|
||||
"cpe:2.3:a:ibm:tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server"
|
||||
]
|
||||
]
|
||||
~~~~
|
||||
|
||||
## How does this work?
|
||||
|
||||
A CPE entry is composed of a human readable name with some references and the structured CPE name.
|
||||
|
@ -37,3 +97,9 @@ cpe (vendor:product) per version to give a probability of the CPE appearance.
|
|||
|
||||
- `w:<word>` set
|
||||
- `s:<word>` sorted set with a score depending of the number of appearance
|
||||
|
||||
# License
|
||||
|
||||
Software is open source and released under a 2-Clause BSD License
|
||||
|
||||
Copyright (C) 2021 Alexandre Dulaunoy
|
||||
|
|
Loading…
Reference in a new issue