{"id":22281701,"url":"https://github.com/arpsyndicate/puncia","last_synced_at":"2025-05-14T21:10:42.902Z","repository":{"id":193861628,"uuid":"689642135","full_name":"ARPSyndicate/puncia","owner":"ARPSyndicate","description":"Panthera(P.)uncia - Official CLI utility for Osprey Vision, Subdomain Center \u0026 Exploit Observer. ","archived":false,"fork":false,"pushed_at":"2025-05-01T01:35:57.000Z","size":348,"stargazers_count":645,"open_issues_count":0,"forks_count":29,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-05-08T02:55:29.748Z","etag":null,"topics":["arpsyndicate","cyclonedx","cyclonedx-sbom","exploit","sbom","sbom-tool","subdomain","vulnerability"],"latest_commit_sha":null,"homepage":"https://pypi.org/project/puncia/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ARPSyndicate.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"arpsyndicate"}},"created_at":"2023-09-10T13:10:16.000Z","updated_at":"2025-05-01T01:30:23.000Z","dependencies_parsed_at":"2023-12-25T18:04:26.706Z","dependency_job_id":"2c8b8663-e00a-4abc-830a-da07ff69da95","html_url":"https://github.com/ARPSyndicate/puncia","commit_stats":{"total_commits":10,"total_committers":2,"mean_commits":5.0,"dds":0.09999999999999998,"last_synced_commit":"dd49a81b9239968c8af9b05bb674d9bc878e3216"},"previous_names":["arpsyndicate/puncia"],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARPSyndicate%2Fpuncia","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARPSyndicate%2Fpuncia/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARPSyndicate%2Fpuncia/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARPSyndicate%2Fpuncia/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ARPSyndicate","download_url":"https://codeload.github.com/ARPSyndicate/puncia/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254227631,"owners_count":22035671,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["arpsyndicate","cyclonedx","cyclonedx-sbom","exploit","sbom","sbom-tool","subdomain","vulnerability"],"created_at":"2024-12-03T16:20:55.737Z","updated_at":"2025-05-14T21:10:42.883Z","avatar_url":"https://github.com/ARPSyndicate.png","language":"Python","funding_links":["https://github.com/sponsors/arpsyndicate"],"categories":[],"sub_categories":[],"readme":"# Panthera(P.)uncia\n\n### Official CLI utility for Osprey Vision, Subdomain Center \u0026 Exploit Observer\n\n[![Downloads](https://pepy.tech/badge/puncia)](https://pepy.tech/project/puncia)\n\u003cimg src=\"https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat\"\u003e\n\u003cimg alt=\"GitHub stars\" src=\"https://img.shields.io/github/stars/ARPSyndicate/puncia\"\u003e\n\u003cbr\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/ARPSyndicate/puncia/master/puncia.png\" width=25%\u003e\n\u003cbr\u003e\nPuncia utilizes three of our intelligent APIs to gather the results - \u003cbr\u003e\n\n- [Subdomain Center - The World's Largest Subdomain \u0026 Shadow IT Intelligence Database](https://subdomain.center)\u003cbr\u003e\n- [Exploit Observer - The World's Largest Exploit \u0026 Vulnerability Intelligence Database](https://exploit.observer)\u003cbr\u003e\n- [Osprey Vision - The World's Most Bleeding Edge AI for Information Discovery](https://osprey.vision)\n\n**Please note that although these results can sometimes be pretty inaccurate \u0026 unreliable, they can greatly differ from time to time due to their self-improvement capabilities.**\n\n**Aggressive rate-limits can be avoided with an API key: https://www.arpsyndicate.io/pricing.html**\n\n## Practical Applications\n\n1. **Mapping External Attack Surfaces**  \n   Identify and monitor exposed subdomains and infrastructure components across the internet.\n2. **Advanced Vulnerability Research \u0026 Monitoring**  \n   Discover and track known and emerging threats, including obscure or unlisted vulnerabilities.\n3. **Contextual Enrichment of CVE/GHSA Data**  \n   Add depth and actionable intelligence to known vulnerabilities for better prioritization.\n4. **LLM-Driven Summarization \u0026 Prompt Execution**  \n   Leverage AI to summarize web content or generate code and analysis based on natural language prompts.\n5. **Automated Vulnerability Advisory Creation**  \n   Instantly generate detailed, multilingual security advisories for discovered vulnerabilities.\n6. **Vulnerability Detection in Software Bill of Materials (SBOM)**  \n   Analyze software components for known exploits and security issues using structured SBOM data.\n7. **Seamless Integration with CI/CD \u0026 Threat Intel Workflows**  \n   Automate intelligence gathering and vulnerability checks within development or security pipelines.\n8. **Monitoring Nation-State Exploit Trends**  \n   Stay ahead of threats by tracking vulnerabilities flagged by foreign actors but not yet recognized by mainstream databases.\n9. **Replica Domain Detection \u0026 Brand Protection**  \n   Identify replica or lookalike domains that could be used in phishing or impersonation attacks.\n10. **Bulk Threat Intelligence Processing**  \n   Run batch queries (domains, vulnerabilities, etc.) for scalable analysis across large datasets or enterprise asset inventories.\n11. **Passive Reconnaissance for Red Teams**  \n   Conduct stealthy reconnaissance by using passive data sources (no direct interaction with targets).\n12. **Open Source Intelligence (OSINT) Collection**  \n   Combine subdomain, exploit, and content summarization features to enhance OSINT investigations.\n13. **Security Blog \u0026 Research Digest Automation**  \n   Automatically summarize technical blog posts and reports into actionable briefs.\n14. **Cross-Language Security Intelligence Delivery**  \n   Translate advisories or technical content into other languages for global teams and multilingual incident response.\n15. **Compliance \u0026 Risk Management Support**  \n   Enrich vulnerability data to support compliance audits (e.g., ISO 27001, SOC 2) with deeper context.\n\n\n## Installation\n\n1. From PyPi - `pip3 install puncia`\n2. From Source - `pip3 install .`\u003cbr\u003e\n\n\n## Usage\n\n1.  (PAID) Store an API key (storekey) - `puncia storekey \u003capi-key\u003e`\n2.  (FREEMIUM) Interact with the LLM (chat) - `puncia chat \"\u003cprompt\u003e\" \u003coutput-file\u003e`\n3.  (PAID) Summarize Webpages with the LLM (summarize) - `puncia summarize \"\u003clinks\u003e\" \u003coutput-file\u003e`\n4.  (FREEMIUM) Query Domains (subdomain) - `puncia subdomain \u003cdomain\u003e \u003coutput-file\u003e`\n5.  (FREEMIUM) Query Replica Domains (replica) - `puncia replica \u003cdomain\u003e \u003coutput-file\u003e`\n6.  Query Exploit \u0026 Vulnerability Identifiers (exploit)\n    - (FREE) Russian VIDs with no associated CVEs (^RU_NON_CVE) - `puncia exploit ^RU_NON_CVE  \u003coutput-file\u003e` \n    - (FREE) Chinese VIDs with no associated CVEs (^CN_NON_CVE) - `puncia exploit ^CN_NON_CVE  \u003coutput-file\u003e`\n    - (FREE) Vulnerability \u0026 Exploit Identifers Watchlist (^WATCHLIST_IDES) - `puncia exploit ^WATCHLIST_IDES  \u003coutput-file\u003e`\n    - (FREE) Vulnerability \u0026 Exploit Identifers Watchlist with Descriptions (^WATCHLIST_INFO) - `puncia exploit ^WATCHLIST_INFO  \u003coutput-file\u003e`\n    - (FREE) Vulnerable Technologies Watchlist (^WATCHLIST_TECH) - `puncia exploit ^WATCHLIST_TECH  \u003coutput-file\u003e`\n    - (FREEMIUM) [Supported Vulnerability Identifiers](https://github.com/ARPSyndicate/docs?tab=readme-ov-file#supported-vulnerability-identifiers) - `puncia exploit \u003ceoidentifier\u003e \u003coutput-file\u003e`\n7.  (PAID) Generate Vulnerability Advisory with the LLM (advisory) - `puncia advisory \"\u003ceoidentifier\u003e|\u003clanguage\u003e\" \u003coutput-file\u003e`\n8.  (FREEMIUM) Enrich CVE/GHSA Identifiers (enrich) - `puncia enrich \u003ccve-id/ghsa-id\u003e \u003coutput-file\u003e`\n9.  Multiple Queries (bulk/sbom)\n\n    - (FREEMIUM) Bulk Input JSON File Format - `puncia bulk \u003cjson-file\u003e \u003coutput-directory\u003e`\n      ```json\n      {\n          \"subdomain\": [\n              \"domainA.com\",\n              \"domainB.com\"\n          ],\n          \"replica\": [\n              \"domainA.com\",\n              \"domainB.com\"\n          ],\n          \"exploit\": [\n              \"eoidentifierA\",\n              \"eoidentifierB\"\n          ],\n          \"enrich\": [\n              \"eoidentifierA\",\n              \"eoidentifierB\"\n          ],\n          \"advisory\": [\n              \"eoidentifierA\",\n              \"eoidentifierB|GERMAN\"\n          ]\n      }\n      ```\n    - (FREEMIUM) [SBOM Input JSON File Format](https://github.com/CycloneDX/bom-examples/blob/master/SBOM/protonmail-webclient-v4-0912dff/bom.json) - `puncia sbom \u003cjson-file\u003e \u003coutput-directory\u003e`\n\n10.  (FREEMIUM) External Import\n\n   ```python\n   import puncia\n   import asyncio\n\n   async def main():\n      # Without API Key\n      print(await puncia.query_api(\"exploit\", \"CVE-2021-3450\"))\n      print(await puncia.query_api(\"subdomain\", \"arpsyndicate.io\"))\n      print(await puncia.query_api(\"chat\", \"write a xss fuzzer in python\"))\n\n      # With API Key\n      await puncia.store_key(\"ARPS-xxxxxxxxxx\")\n      api_key = await puncia.read_key()\n      print(await puncia.query_api(\"subdomain\", \"arpsyndicate.io\", apikey=api_key))\n      print(await puncia.query_api(\"exploit\", \"CVE-2021-3450\", apikey=api_key))\n      print(await puncia.query_api(\"chat\", \"write a xss fuzzer in python\", apikey=api_key))\n      print(await puncia.query_api(\"summarize\", \"https://www.osintteam.com/combating-the-darkest-depths-of-cyber-intelligence-the-pall-mall-process/\", apikey=api_key))\n      print(await puncia.query_api(\"advisory\", \"CVE-2025-31324\", apikey=api_key))\n      print(await puncia.query_api(\"advisory\", \"CVE-2025-31324|FRENCH\", apikey=api_key))\n\n   # Run the main async function\n   asyncio.run(main())\n   ```\n\n\u003cbr\u003e\n\n### CVE Enrichment \n\u003cimg src=\"https://raw.githubusercontent.com/ARPSyndicate/puncia/master/cve-enrich-diff.png\" width=\"1500px\"\u003e\n\u003cbr\u003e\n\n### GHSA Enrichment \n\u003cimg src=\"https://raw.githubusercontent.com/ARPSyndicate/puncia/master/ghsa-enrich-diff.png\" width=\"1500px\"\u003e\n\u003cbr\u003e\n\n## Noteworthy Mentions\n\n- [Passive Subdomain Enumeration: Uncovering More Subdomains than Subfinder \u0026 Amass](https://osintteam.com/passive-subdomain-enumeration-uncovering-more-subdomains-than-subfinder-amass/)\n- [Around 1000 exploitable cybersecurity vulnerabilities that MITRE \u0026 NIST ‘might’ have missed but China or Russia didn’t.](https://blog.arpsyndicate.io/over-a-1000-vulnerabilities-that-mitre-nist-might-have-missed-but-china-or-russia-did-not-871b2364a526)\n- [Utilizing GitHub Actions for gathering Subdomain \u0026 Exploit Intelligence](https://blog.arpsyndicate.io/utilizing-github-actions-for-gathering-subdomain-exploit-intelligence-bbc79c19bb85)\n- [Introducing Exploit Observer — More than Shodan Exploits, Less than Vulners](https://blog.arpsyndicate.io/introducing-exploit-observer-more-than-shodan-exploits-less-than-vulners-23eaea466e4a)\n- [PUNCIA — The Panthera(P.)uncia of Cybersecurity](https://blog.arpsyndicate.io/puncia-the-panthera-p-uncia-of-cybersecurity-ft-puncia-subdomain-center-exploit-observer-9a9d8cca9576)\n- [Subdomain Enumeration Tool Face-off - 2023 Edition](https://blog.blacklanternsecurity.com/p/subdomain-enumeration-tool-face-off-4e5)\n\n## More from [A.R.P. Syndicate](https://www.arpsyndicate.io)\n\n- [VEDAS Advisories](https://vedas.arpsyndicate.io)\n- [Open Source Intelligence](https://asm.arpsyndicate.io/intelligence.html)\n- [Attack Surface Management](https://asm.arpsyndicate.io)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farpsyndicate%2Fpuncia","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Farpsyndicate%2Fpuncia","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farpsyndicate%2Fpuncia/lists"}