{"id":13598874,"url":"https://github.com/orhun/flawz","last_synced_at":"2025-05-14T21:06:38.085Z","repository":{"id":240373491,"uuid":"801140648","full_name":"orhun/flawz","owner":"orhun","description":"A Terminal UI for browsing security vulnerabilities (CVEs)","archived":false,"fork":false,"pushed_at":"2025-04-01T07:16:29.000Z","size":7412,"stargazers_count":457,"open_issues_count":14,"forks_count":15,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-04-13T18:44:33.129Z","etag":null,"topics":["cve","cve-search","ratatui","ratatui-rs","rust","security","security-vulnerability","terminal-ui","terminal-user-interface","tui","vulnerability","vulnerability-search"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/orhun.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE-APACHE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"orhun","patreon":"orhunp","buy_me_a_coffee":"orhun"}},"created_at":"2024-05-15T17:09:59.000Z","updated_at":"2025-04-12T14:04:13.000Z","dependencies_parsed_at":"2024-12-27T11:01:12.439Z","dependency_job_id":"ec7ff75b-0d38-4c4a-a32d-b510d5f9edeb","html_url":"https://github.com/orhun/flawz","commit_stats":{"total_commits":87,"total_committers":9,"mean_commits":9.666666666666666,"dds":0.1839080459770115,"last_synced_commit":"46f74ede0177dda0f9e15856b97c581381fe90f7"},"previous_names":["orhun/flawz"],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/orhun%2Fflawz","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/orhun%2Fflawz/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/orhun%2Fflawz/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/orhun%2Fflawz/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/orhun","download_url":"https://codeload.github.com/orhun/flawz/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254227612,"owners_count":22035669,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve","cve-search","ratatui","ratatui-rs","rust","security","security-vulnerability","terminal-ui","terminal-user-interface","tui","vulnerability","vulnerability-search"],"created_at":"2024-08-01T17:00:57.657Z","updated_at":"2025-05-14T21:06:33.072Z","avatar_url":"https://github.com/orhun.png","language":"Rust","funding_links":["https://github.com/sponsors/orhun","https://patreon.com/orhunp","https://buymeacoffee.com/orhun","https://github.com/sponsors/orhun)!"],"categories":["security","\u003ca name=\"security\"\u003e\u003c/a\u003eSecurity and encryption","Table of Contents","💻 Apps","Rust","Security Tools"],"sub_categories":["🚀 Productivity and Utilities"],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003ca href=\"https://github.com/orhun/flawz\"\u003e\n  \u003cimg src=\"assets/flawz-logo.png\" width=\"600\"\u003e\n\u003c/a\u003e\n\n\u003ca href=\"https://github.com/orhun/flawz/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/v/release/orhun/flawz?style=flat\u0026amp;labelColor=171717\u0026amp;color=47304d\u0026amp;logo=GitHub\u0026amp;logoColor=white\" alt=\"GitHub Release\"\u003e\u003c/a\u003e\n\u003ca href=\"https://crates.io/crates/flawz/\"\u003e\u003cimg src=\"https://img.shields.io/crates/v/flawz?style=flat\u0026amp;labelColor=171717\u0026amp;color=47304d\u0026amp;logo=Rust\u0026amp;logoColor=white\" alt=\"Crate Release\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/orhun/flawz/actions?query=workflow%3A%22Continuous+Integration%22\"\u003e\u003cimg src=\"https://img.shields.io/github/actions/workflow/status/orhun/flawz/ci.yml?branch=main\u0026amp;style=flat\u0026amp;labelColor=171717\u0026amp;color=47304d\u0026amp;logo=GitHub%20Actions\u0026amp;logoColor=white\" alt=\"Continuous Integration\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/orhun/flawz/actions?query=workflow%3A%22Release%22\"\u003e\u003cimg src=\"https://img.shields.io/github/actions/workflow/status/orhun/flawz/release.yml?style=flat\u0026amp;labelColor=171717\u0026amp;color=47304d\u0026amp;logo=GitHub%20Actions\u0026amp;logoColor=white\u0026amp;label=release\" alt=\"Continuous Deployment\"\u003e\u003c/a\u003e\n\u003ca href=\"https://docs.rs/flawz/\"\u003e\u003cimg src=\"https://img.shields.io/docsrs/flawz?style=flat\u0026amp;labelColor=171717\u0026amp;color=47304d\u0026amp;logo=Rust\u0026amp;logoColor=white\" alt=\"Documentation\"\u003e\u003c/a\u003e\n\n---\n\n**flawz** is a Terminal User Interface (TUI) for browsing the security vulnerabilities (also known as [CVEs](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)).\n\n\u003c/div\u003e\n\nAs default it uses the vulnerability database ([NVD](https://nvd.nist.gov)) from [NIST](https://www.nist.gov) and provides search and listing functionalities in the terminal with different theming options.\n\nFor example, to view details on the notorious [xz vulnerability](https://nvd.nist.gov/vuln/detail/CVE-2024-3094):\n\n```sh\nflawz --feeds 2024 --query xz\n```\n\n![demo](assets/demo.gif)\n\n\u003cdetails\u003e\n  \u003csummary\u003eTable of Contents\u003c/summary\u003e\n\n\u003c!-- vim-markdown-toc GFM --\u003e\n\n- [Installation](#installation)\n  - [Cargo](#cargo)\n  - [Arch Linux](#arch-linux)\n  - [Alpine Linux](#alpine-linux)\n  - [Homebrew](#homebrew)\n  - [NetBSD](#netbsd)\n  - [Binary releases](#binary-releases)\n  - [Build from source](#build-from-source)\n- [Usage](#usage)\n- [Key bindings](#key-bindings)\n- [Examples](#examples)\n- [Themes](#themes)\n  - [Dracula (default)](#dracula-default)\n  - [Nord](#nord)\n  - [One Dark](#one-dark)\n  - [Solarized Dark](#solarized-dark)\n  - [Gruvbox Light](#gruvbox-light)\n  - [Gruvbox Material Dark Hard](#gruvbox-material-dark-hard)\n  - [Catppuccin](#catppuccin)\n- [Support](#support)\n- [Contributing](#contributing)\n- [License](#license)\n- [Copyright](#copyright)\n\n\u003c!-- vim-markdown-toc --\u003e\n\n\u003c/details\u003e\n\n## Installation\n\n\u003cdetails\u003e\n  \u003csummary\u003ePackaging status\u003c/summary\u003e\n\n[![Packaging status](https://repology.org/badge/vertical-allrepos/flawz.svg)](https://repology.org/project/flawz/versions)\n\n\u003c/details\u003e\n\n### Cargo\n\n**flawz** can be installed from [crates.io](https://crates.io/crates/flawz) using [`cargo`](https://doc.rust-lang.org/cargo/) if [Rust](https://www.rust-lang.org/tools/install) is installed.\n\n```sh\ncargo install --locked flawz\n```\n\nThe minimum supported Rust version (MSRV) is `1.74.1`.\n\n\u003e [!NOTE]\n\u003e You need to have SQLite 3 development files installed. On Debian and its derivates you can do so with the following command:\n\u003e\n\u003e ```sh\n\u003e sudo apt install libsqlite3-dev\n\u003e ```\n\n### Arch Linux\n\n**flawz** can be installed from the [official repositories](https://archlinux.org/packages/extra/x86_64/flawz/) using [`pacman`](https://wiki.archlinux.org/title/Pacman):\n\n```sh\npacman -S flawz\n```\n\n### Alpine Linux\n\n**flawz** is available for [Alpine Edge](https://pkgs.alpinelinux.org/packages?name=flawz\u0026branch=edge). It can be installed via [`apk`](https://wiki.alpinelinux.org/wiki/Alpine_Package_Keeper) after enabling the [testing repository](https://wiki.alpinelinux.org/wiki/Repositories).\n\n```sh\napk add flawz\n```\n\n### Homebrew\n\n**flawz** is available for macOS via [Homebrew](https://github.com/Homebrew/homebrew-core/blob/master/Formula/f/flawz.rb). It can be installed using [`brew`](https://brew.sh/)\n\n```sh\nbrew install flawz\n```\n\n### Nixpkgs\n\n**flawz** is available for Nix via [nixpkgs-unstable](https://github.com/NixOS/nixpkgs/blob/nixpkgs-unstable/pkgs/by-name/fl/flawz/package.nix) channel. To make it available in the environment, simply run:\n\n```sh\nnix-channel --add https://nixos.org/channels/nixpkgs-unstable\nnix-channel --update nixpkgs\nnix-env -iA nixpkgs.flawz\n```\n\nOn [NixOS](https://nixos.org/nixos/):\n\n```sh\nnix-channel --add https://nixos.org/channels/nixos-unstable\nnix-channel --update nixos\nnix-env -iA nixos.flawz\n```\n\nAlternatively, if you're using the new experimental CLI, you can use the following:\n\n```sh\nnix run nixpkgs#flawz\n```\n\n### NetBSD\n\n**flawz** is available from the [official repositories](https://pkgsrc.se/security/flawz). To install it, simply run:\n\n```sh\npkgin install flawz\n```\n\n### Binary releases\n\nSee the available binaries for different targets from the [releases page](https://github.com/orhun/flawz/releases).\n\n### Build from source\n\n1. Clone the repository.\n\n```sh\ngit clone https://github.com/orhun/flawz \u0026\u0026 cd flawz/\n```\n\n2. Build.\n\n```sh\nCARGO_TARGET_DIR=target cargo build --release\n```\n\nBinary will be located at `target/release/flawz`.\n\n## Usage\n\n```sh\nflawz [OPTIONS]\n```\n\n**Options**:\n\n```sh\n  --url \u003cURL\u003e           A URL where NIST CVE 1.1 feeds can be found [env: URL=] [default:\n                        https://nvd.nist.gov/feeds/json/cve/1.1/]\n-f, --feeds [\u003cFEEDS\u003e...]  List of feeds that are going to be synced [env: FEEDS=] [default: 2002:2024 recent\n                        modified]\n-d, --db \u003cDB\u003e             Path to the SQLite database used to store the synced CVE data [env: DB=]\n-u, --force-update        Always fetch feeds\n-o, --offline             Do not fetch feeds\n-q, --query \u003cQUERY\u003e       Start with a search query [env: QUERY=]\n-t, --theme \u003cTHEME\u003e       Set the theme [default: dracula] [possible values: dracula, nord, one-dark, solarized-dark, gruvbox-light, gruvbox-material-dark-hard, catppuccin]\n-h, --help                Print help (see more with '--help')\n-V, --version             Print version\n```\n\n## Key bindings\n\n| Key          | Action      | Description                                 |\n| ------------ | ----------- | ------------------------------------------- |\n| `k` / `Up`   | Scroll Up   | Scroll up the list                          |\n| `j` / `Down` | Scroll Down | Scroll down the list                        |\n| `Enter`      | Select      | View the selected CVE details               |\n| `/`          | Search      | Search for a CVE                            |\n| `Space`      | Open        | Open the first CVE reference in the browser |\n| `q`          | Quit        | Set computer on fire                        |\n\n## Examples\n\nTo start with a specific search query:\n\n```sh\nflawz --query \"buffer overflow\"\n```\n\nYou can use the `--feeds` option to sync specific years of feeds:\n\n```sh\nflawz --feeds 2010:2015 recent\n```\n\nAdditionally, you can use the following flags:\n\n- `--force-update`: Always fetch feeds, even if they are already up to date.\n- `--offline`: Run without fetching feeds (useful if you have already synced the data):\n\nFor example, you can use the following command to search for a specific vulnerability from 2014:\n\n```sh\nflawz -q \"CVE-2014-0160\" -f 2014 --force-update\n```\n\n## Themes\n\nStart `flawz` with `--theme` option to set a custom theme, e.g. `--theme nord`.\n\n### Dracula (default)\n\n![dracula](assets/theme-dracula.jpg)\n\n### Nord\n\n![nord](assets/theme-nord.jpg)\n\n### One Dark\n\n![one dark](assets/theme-one-dark.jpg)\n\n### Solarized Dark\n\n![solarized dark](assets/theme-solarized-dark.jpg)\n\n### Gruvbox Light\n\n![gruvbox light](assets/theme-gruvbox-light.jpg)\n\n### Gruvbox Material Dark Hard\n\n![gruvbox material dark hard](assets/theme-gruvbox-material-dark-hard.jpg)\n\n### catppuccin\n\n![Catppuccin](assets/theme-catppuccin.png)\n\n## Support\n\n[![Support me on GitHub Sponsors](https://img.shields.io/github/sponsors/orhun?style=flat\u0026logo=GitHub\u0026labelColor=1D272B\u0026color=819188\u0026logoColor=white)](https://github.com/sponsors/orhun)\n\nIf you find **flawz** and/or other projects [on my GitHub](https://github.com/orhun) useful, consider supporting me on [GitHub Sponsors](https://github.com/sponsors/orhun)! 💖\n\n## Contributing\n\nSee our [Contribution Guide](./CONTRIBUTING.md) and please follow the [Code of Conduct](./CODE_OF_CONDUCT.md) in all your interactions with the project.\n\n## License\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg?style=flat\u0026logo=GitHub\u0026labelColor=1D272B\u0026color=819188\u0026logoColor=white)](./LICENSE-MIT)\n[![License: Apache 2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg?style=flat\u0026logo=GitHub\u0026labelColor=1D272B\u0026color=819188\u0026logoColor=white)](./LICENSE-APACHE)\n\nLicensed under either of [Apache License Version 2.0](./LICENSE-APACHE) or [The MIT License](./LICENSE-MIT) at your option.\n\n🦀 ノ( º \\_ º ノ) - respect crables!\n\n## Copyright\n\nCopyright © 2024, [Orhun Parmaksız](mailto:orhunparmaksiz@gmail.com)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Forhun%2Fflawz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Forhun%2Fflawz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Forhun%2Fflawz/lists"}