Published on May 27th, 2013 | by NJ Ouchn0
vFeed – The Open Source Cross-Linked Local Vulnerability Database version Beta 0.3 released
vFeed is an open source naming scheme concept that provides extra structured detailed 3rd parties references for a CVE entry. While the emergence of the Open Standards helped undeniably to shape a new way to communicate about vulnerabilities, the new vFeed is adding an intelligent structured xml feed that provides effective level of information (meta-data) related to vulnerability.
- Built using open source technologies
- Fully downloadable SQLite local vulnerability database
- Structured new XML format to describe vulnerabilities
- Based on major open standards CVE, CPE, CWE, CVSS..
- Support correlation with 3rd party security references (CVSS, OSVDB, OVAL…)
- Extended to support correlation with security assessment and patch vendors (Nessus, Exploit-DB, Redhat, Microsoft..)
- Simple & ready to use Python module with more than 15 methods
Changelog Beta v0.3
- Rewrite vFeedApi.py as a class (added _init_db() method with sql query sanitization)
- Added a class vFeedInfo to return variables and global configuration
- Added a config.py module.
- Updated the “update.py”. Now verifies if a new db is available (support of checksum)
- Renamed method checkReferences into checkREF()
- Updated the sample scripts (vFeedAPI_calls_1 and _2) to reflect the changes
- documentation update (always in progress) and will be mainly delivered via vfeed github wiki.