{"id":14638169,"url":"https://github.com/EXP-Tools/threat-broadcast","last_synced_at":"2025-09-07T06:33:05.973Z","repository":{"id":37237103,"uuid":"258260421","full_name":"EXP-Tools/threat-broadcast","owner":"EXP-Tools","description":"威胁情报播报","archived":false,"fork":false,"pushed_at":"2024-10-29T12:45:53.000Z","size":2186773,"stargazers_count":374,"open_issues_count":57,"forks_count":179,"subscribers_count":11,"default_branch":"master","last_synced_at":"2024-10-29T15:14:47.734Z","etag":null,"topics":["broadcast","cve","programming","safe","threat"],"latest_commit_sha":null,"homepage":"https://exp-tools.github.io/threat-broadcast/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/EXP-Tools.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"lyy289065406","patreon":null,"open_collective":null,"ko_fi":"exppoc","tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"lfx_crowdfunding":null,"custom":["https://lyy289065406.github.io/sponsor/"]}},"created_at":"2020-04-23T16:13:04.000Z","updated_at":"2024-10-29T12:45:57.000Z","dependencies_parsed_at":"2023-12-19T02:24:20.037Z","dependency_job_id":"6bc4490b-5ec7-46cc-a05c-477c894638e4","html_url":"https://github.com/EXP-Tools/threat-broadcast","commit_stats":null,"previous_names":["lyy289065406/threat-broadcast"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EXP-Tools%2Fthreat-broadcast","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EXP-Tools%2Fthreat-broadcast/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EXP-Tools%2Fthreat-broadcast/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EXP-Tools%2Fthreat-broadcast/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/EXP-Tools","download_url":"https://codeload.github.com/EXP-Tools/threat-broadcast/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":232183090,"owners_count":18484731,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["broadcast","cve","programming","safe","threat"],"created_at":"2024-09-10T02:01:49.176Z","updated_at":"2025-09-07T06:33:05.959Z","avatar_url":"https://github.com/EXP-Tools.png","language":"Python","readme":"# Threat-Broadcast\n\n\u003e 威胁情报播报\n\n------\n\n![fork](https://img.shields.io/github/forks/lyy289065406/threat-broadcast?style=social)\n![star](https://img.shields.io/github/stars/lyy289065406/threat-broadcast?style=social)\n\n![commit](https://img.shields.io/github/last-commit/lyy289065406/threat-broadcast)\n![Contributors](https://img.shields.io/github/contributors-anon/lyy289065406/threat-broadcast) \n\n[![license](https://img.shields.io/badge/GPLv3-License-blue)](./LICENSE)\n[![release](https://img.shields.io/badge/release-v3.0-blue)](https://github.com/lyy289065406/threat-broadcast/releases)\n[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-blue.svg)](https://github.com/lyy289065406/threat-broadcast/pulls) \n\n\n## 运行环境\n\n![](https://img.shields.io/badge/Python-3.8%2B-brightgreen.svg) \n\n\n## 项目介绍\n\n从以下公开的威胁情报来源爬取并整合最新信息：\n\n- 360：https://cert.360.cn/warning\n- 奇安信：https://ti.qianxin.com/advisory/\n- 红后：https://redqueen.tj-un.com/IntelHome.html\n- 绿盟：http://www.nsfocus.net/index.php\n- 斗象：https://vas.riskivy.com/vuln\n- NVD：https://nvd.nist.gov/feeds/xml/cve/misc/nvd-rss-analyzed.xml\n- CNNVD：http://www.cnnvd.org.cn/web/vulnerability/querylist.tag\n- Tenable (Nessus)：https://www.tenable.com/cve/feeds?sort=newest\n- ~~安全客：https://www.anquanke.com/vul~~ （该平台已经不做 CVE 分析了）\n- ~~CNVD：https://www.cnvd.org.cn/flaw/list~~ （该平台不断升级反爬机制，表示尊重）\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003e关于 CVE 收录的完整性问题说明\u003c/b\u003e\u003c/summary\u003e\n\u003cbr/\u003e\n\n\n本程序只收录国内外安全厂商已收录并分析的 CVE，并不收录所有 CVE，需要全量 CVE 的同学可自行去以下站点下载：\n\n- CVEs 官网： https://cve.mitre.org/\n- GitHub（CVEs 实时同步）： https://github.com/CVEProject/cvelist\n- CIRCL（CVEs 实时同步）： https://cve.circl.lu/ 或 https://cve.circl.lu/api/browse\n- 每日 CVE： https://cassandra.cerias.purdue.edu/CVE_changes/today.html\n\n\u003c/details\u003e\n\n爬取到的 CVE 情报会作如下处理：\n\n- 【邮件播报】 接收播报信息的邮箱配置： [recv/mail_*.dat](recv/mail.dat)\n- 【邮件播报】 对所有 open 状态的 \u003ca href=\"https://github.com/lyy289065406/threat-broadcast/issues/new?title=Your+Email\u0026amp;body=Just+push+%27Submit+new+issue%27.+You+don%27t+need+to+do+anything+else.\"\u003eIssues\u003c/a\u003e 标题中的邮箱地址发送播报信息\n- 【~~实时播报~~】 接收播报信息的 QQ 群： `283212984`\n- 【~~实时播报~~】 接收播报信息的 WeChat 公众号： [\\[名称\\]`EXP技术` \\[微信号\\]`exp-blog`](imgs/wechat.png)\n- 【页面播报】 最新的 TOP30 威胁情报会更新到 [Github Page](https://lyy289065406.github.io/threat-broadcast/)\n- 【情报归档】 所有威胁情报会归档到 [sqlite](data/cves.db)\n\n\n\u003e 目前最有效的推送方式是邮件推送（建议使用手机邮箱，如 [139](https://appmail.mail.10086.cn) 可触发短信通知）\n\u003cbr/\u003e 因 QQ 机器人已停止服务，暂无法实现 QQ 群自动推送\n\u003cbr/\u003e 因 WeChat 公众号停止个人号群发服务，现只能用户自己手动获取推送\n\n\u003cdetails\u003e\n\u003csummary\u003e播报效果\u003c/summary\u003e\n\u003cbr/\u003e\n\n![](https://github.com/lyy289065406/threat-broadcast/blob/master/imgs/email.png)\n\n\u003c/details\u003e\n\n\n## 订阅方式\n\n- 【开发者订阅】 可自行 Fork 项目，通过配置定时任务向自己的邮箱推送即可\n- 【个人订阅】 在 \u003ca href=\"https://github.com/lyy289065406/threat-broadcast/issues/new?title=Your+Email\u0026amp;body=Just+push+%27Submit+new+issue%27.+You+don%27t+need+to+do+anything+else.\"\u003eIssues\u003c/a\u003e 标题留下你的邮箱即可接收播报信息（若希望取消订阅，请 close issue）\n- 【~~个人订阅~~】 加入 QQ 群： 283212984\n- 【~~个人订阅~~】 关注 WeChat 公众号：\n\u003cbr/\u003e　　**名称**： 眈眈探求\n\u003cbr/\u003e![](https://github.com/lyy289065406/threat-broadcast/blob/master/imgs/wechat.png)\n\n\n## 威胁情报推送源\n\n- QQ 群： 283212984\n- WeChat 公众号： [\\[名称\\]`眈眈探求`](imgs/wechat.png)\n- 邮箱： \n\u003cbr/\u003e　　ThreatBroadcast@126.com\n\u003cbr/\u003e　　threatbroadcast@qq.com\n\u003cbr/\u003e　　threatbroadcast@foxmail.com\n\n\n\u003e 认准我的推送源，勿点击来历不明链接，慎防钓鱼\n\n\n\n## 开发者部署\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003e无服务器方式（推荐）\u003c/b\u003e\u003c/summary\u003e\n\u003cbr/\u003e\n\n本项目已配置 [Github Actions](https://docs.github.com/cn/actions/configuring-and-managing-workflows/configuring-a-workflow)，因此你只需轻松几步即可实现部署：\n\n- [Fork 本项目](https://github.com/lyy289065406/threat-broadcast) 到你的代码仓库\n- 通过 Settings --\u003e Secrets 配置用于 **发送** 威胁情报邮件的 3 个环境变量：\n    - `MAIL_SMTP`： SMTP 服务器（国内推荐 QQ），如 `smtp.qq.com`\n    - `MAIL_USER`： 邮箱账号，如 `threatbroadcast@qq.com`\n    - `MAIL_PASS`： 邮箱密码\n    - `GRAPAQL_TOKEN`： 用于调用 Github GraphQL 接口加载收件人，可于个人 `Settings` 生成\n- 启用 Settings --\u003e Actions 功能\n\n\u003e 尔后程序便会每小时执行一次，并自动生成 [Github Page](https://lyy289065406.github.io/threat-broadcast/) 播报页面（若要调整执行频率，可修改 [`autorun.yml`](.github/workflows/autorun.yml) 的 `schedule` 触发时点）\n\n![](imgs/secrets.png)\n\n\n\u003c/details\u003e\n\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003e有服务器方式\u003c/b\u003e\u003c/summary\u003e\n\u003cbr/\u003e\n\n### 安装\n\n- 任意找一台 Linux 服务器（阿里云、腾讯云等）\n- 安装 python 3.8\n- 安装 python 依赖： `python -m pip install -r requirements.txt`\n- 把仓库 checkout 到服务器本地： `git clone https://github.com/lyy289065406/threat-broadcast`\n- 安装 python 依赖： `python -m pip install -r requirements.txt`\n\n\u003e 国内的云主机（阿里云/腾讯云等）为了避免滥发邮件默认关闭了对 SMTP 25 端口的出口流量，直接导致邮件无法发送。 解封需要到控制台申请，例如 《[阿里云 25 端口解封](https://help.aliyun.com/knowledge_detail/56130.html?spm=a2c4e.11153940.0.0.50664791wrBD3D\u0026source=5176.11533457\u0026userCode=r3yteowb\u0026type=copy)》、 《[腾讯云 25 端口解封](https://cloud.tencent.com/document/product/213/40436)》\n\n\n### 配置定时任务\n\n- 修改 crontab 配置文件，设置定时任务： `vim /etc/crontab`\n- 设置定时任务命令（每小时）： `0 * * * * root python ${workspace}/threat-broadcast/main.py [-any_args]`\n- 注意脚本位置需使用绝对路径，根据实际 checkout 的位置修改即可\n- 保存 crontab 配置文件后会自动生效，查看日志： `tail -10f /var/log/cron`\n\n\u003e 程序运行参数可通过 [`main.py -h`](main.py) 查看帮助文档\n\n\n### 自动生成 Github Page 播报页面\n\n- 安装 git 命令行客户端\n- 打开项目目录： `cd ${workspace}/threat-broadcast`\n- 设置使用 SSH 与 Github 连接（避免提交内容时要输入账密），详见 [这里](https://help.github.com/en/articles/connecting-to-github-with-ssh)\n- 若设置 SSH 后还要输入密码才能提交，则还需要把仓库的 https 协议改成 ssh，详见 [这里](https://help.github.com/en/articles/changing-a-remotes-url#switching-remote-urls-from-https-to-ssh)\n- 在 [`main.py`](main.py) 添加运行参数 `-ac` 可自动提交变更到仓库\n\n\n\u003e 只要爬取到新的威胁情报则会刷新 [`docs/index.html`](docs/index.html)，将其提交到仓库会自动更新 [Github Page](https://lyy289065406.github.io/threat-broadcast/)\n\n\u003c/details\u003e\n\n\n## RoadMap\n\n1. 增加供应链情报：某些很基础且被大量应用的第三方构件，突然有个很旧的历史版本放出更新，尤其是 rc 版本，则推送情报。（如 log4j）\n2. ....\n\n\n\n## 目录说明\n\n```\nthreat-broadcast\n├── README.md ............................... [项目说明]\n├── main.py ................................. [程序运行入口]\n├── cache ................................... [威胁情报缓存]\n├── data\n│   └── cves.db ............................. [sqlite: 威胁情报归档]\n├── docs .................................... [Github Page 威胁情报总览]\n├── recv\n│   ├── mail_*.dat .......................... [接收威胁情报的邮箱]\n│   └── qq_group.dat ........................ [接收威胁情报的 QQ 群]\n├── src ..................................... [项目源码]\n├── script .................................. [数据库脚本]\n├── tpl ..................................... [模板文件]\n├── imgs .................................... [项目图片]\n└── logs .................................... [项目日志]\n```\n\n\n## 版权声明\n\n　[![Copyright (C) EXP,2016](https://img.shields.io/badge/Copyright%20(C)-EXP%202016-blue.svg)](http://exp-blog.com)　[![License: GPL v3](https://img.shields.io/badge/License-GPL%20v3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)\n\n- Site: [https://exp-blog.com](https://exp-blog.com) \n- Mail: \u003ca href=\"mailto:289065406@qq.com?subject=[EXP's Github]%20Your%20Question%20（请写下您的疑问）\u0026amp;body=What%20can%20I%20help%20you?%20（需要我提供什么帮助吗？）\"\u003e289065406@qq.com\u003c/a\u003e\n\n","funding_links":["https://github.com/sponsors/lyy289065406","https://ko-fi.com/exppoc","https://lyy289065406.github.io/sponsor/"],"categories":["Python"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FEXP-Tools%2Fthreat-broadcast","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FEXP-Tools%2Fthreat-broadcast","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FEXP-Tools%2Fthreat-broadcast/lists"}