Published on June 29th, 2013 | by NJ Ouchn0
vFeed – The Open Source Cross-Linked Local Vulnerability Database version Beta 0.3.9 released
vFeed framework is an open source naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML schema.
It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other security references and standards.
- Added the support of Metasploit Ids. Now vFeed reports msf exploit id, link to file and title
- Added the support of CAPEC. When the reference exists, the CAPEC id and link are reported accordingly with its associated CWE
- checkCWE extended to support the CWE title. Sometimes, it’s comfortable to deal with human words than ids 😉
- checkRISK extended to support Top Categories as CWE/SANS 2011, OWASP 2010 etc. Whenever the CVE is flagged with specific categories (see api.py at _isTopAlert),the topAlert value is filled with categories name such as OWASP Top Ten 2010 Category A1 – Injection or 2011 Top 25 – Insecure Interaction Between Components
- checkCVSS extended to support the CVSS Vector.
- To reflect the newest cross references, 3 new methods have been added
- checkMSF to check for Metasploit sploits or plugins
- checkCAPEC to enumerate the CWE associated (and indirectly CVE) CAPEC ids
- checkCATEGORY to list the whole Top Categories associated with CWE and indirectly CVE. This method is useful if topAlert doesnt report any known Top List.
- Updated checkRISK, checkCWE and checkCVSS
- updated exportXML to reflect the changes.
- vfeed.db regenerated from scratch to support the newest changes.
- Documentation as usual in progress.
- Check the sample files vFeedAPI_calls_1.py and vFeedAPI_calls_2.py to quickly understand everything works.