Giter Club home page Giter Club logo

cnvd-helper's Introduction

CNVD-helper

一个辅助提交 CNVD/CNNVD/CVE 漏洞的工具

背景

工业和信息化部、国家互联网信息办公室、公安部三部门联合印发《网络产品安全漏洞管理规定》,自2021年9月1日起施行。

而提交 CNVD 需要的步骤较为繁琐,不仅要填写网页表单,还要填写 Word 模板并上传压缩包。

上传压缩包文件结构如下:

[通用型漏洞名称]
├── email.txt
├── [通用型漏洞名称].docx
└── [通用型漏洞名称](说明:以漏洞名称命名的POC、验证录像ZIP格式整合压缩文件).zip

有时需要向多个平台提交漏洞,所需材料相互交叉,不易管理。

使用本工具后,对某一漏洞只需填写一份配置文件,即可:

  • 根据 CNNVD 提供的 docx 模板自动生成漏洞提交表
  • 生成自动提交 CNVD 网页表单的 JavaScript 代码
  • 生成自动提交 CVE 网页表单的 JavaScript 代码

使用方法

  1. conf/ 下复制配置文件并填写内容
  2. 执行 python main.py --conf 配置名称
  3. 自动生成对应目录及文件,自行添加附件内容并打包即可

CNVD/CNNVD 区分通用型和事件型漏洞,目前只适配通用型漏洞的模板和表单。

参考

《网络产品安全漏洞管理规定》

国家信息安全漏洞库 (cnnvd.org.cn)

CNNVD漏洞命名规范

CNNVD漏洞分类指南

CNNVD漏洞分级规范

cnvd-helper's People

Contributors

chinggg avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.