Skip to content
/ NSTS Public

The purpose of this code is to represent a search on the National Vulnerability Database (NVD) in Structured Threat Intelligence eXpression (STIX). This program takes a list of search terms or a CPE string, queries the NVD, and translates the response to STIX.

License

BSD-3-Clause license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

idaholab/NSTS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LICENSE
LICENSE
 
 
NOTICE.txt
NOTICE.txt
 
 
nvd2stix.py
nvd2stix.py
 
 
readme.md
readme.md
 
 

Repository files navigation

Copyright 2024, Battelle Energy Alliance, LLC All Rights Reserved

NVD2STIX generates a STIX bundle of vulnerabilities given a CPE string, a list of CPE strings within a text file, or a custom search query.

Usage: Use a CPE string to query the NVD for CVEs python nvd2stix.py cpe <cpe_string> <output_file>

Query the NVD using a custom search term
`python nvd2stix.py search <query query2 ...> <output_file>`

query: Search term to query the NVD (e.g. adobe acrobat reader)
cpe_string: CPE string to be searched (e.g. cpe:2.3:a:ssh:ssh:1.2.6:*:*:*:*:*:*:*)
output_file: STIX file containing created vulnerability objects (e.g. STIXOutput.json)

LAST UPDATED: 7/16/2023 for CISA know exploited vulnerabilities listed! New vulnerabilities need to be added to the csv file

About

The purpose of this code is to represent a search on the National Vulnerability Database (NVD) in Structured Threat Intelligence eXpression (STIX). This program takes a list of search terms or a CPE string, queries the NVD, and translates the response to STIX.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages