Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Exein-io/kepler
NIST-based CVE lookup store and API powered by Rust.
https://github.com/Exein-io/kepler
cve cve-scanning cve-search rust security-tools
Last synced: 4 days ago
JSON representation
NIST-based CVE lookup store and API powered by Rust.
- Host: GitHub
- URL: https://github.com/Exein-io/kepler
- Owner: exein-io
- License: other
- Created: 2022-01-14T19:01:05.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-01-19T15:54:56.000Z (6 months ago)
- Last Synced: 2024-03-16T17:03:19.619Z (4 months ago)
- Topics: cve, cve-scanning, cve-search, rust, security-tools
- Language: Rust
- Homepage: https://exein.io/
- Size: 44.7 MB
- Stars: 118
- Watchers: 7
- Forks: 10
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Lists
- awesome-rust-security - kepler - NIST-based CVE lookup store and API powered by Rust. (Web and Cloud Security / Pentesting)
- awesome-stars - kepler - based CVE lookup store and API powered by Rust. | Exein-io | 100 | (Rust)
- awesome-software-supply-chain-security - Exein-io/kepler: NIST-based CVE lookup store and API powered by Rust
README
Kepler is a vulnerability database and lookup store and API currently utilising [National Vulnerability Database](https://nvd.nist.gov/) as data sources; implementing CPE 2.3 tree expressions and version range evaluation in realtime.
# Setup
## Docker (recommended)
We provide a docker bundle with `kepler`, dedicated PostgreSQL database and [Ofelia](https://github.com/mcuadros/ofelia) as job scheduler for continuous update
```bash
docker compose build
docker compose up
```
### Database migration notes
When the application starts checks for pending database migrations and automatically applies them. Remove the `--migrate` option to stop when a pending migration is detected
## Build from sources
Alternatively you can build `kepler` from sources. To build you need `rust`, `cargo` and `libpg-dev` (or equivalent PostgreSQL library for your Linux distribution)
```
cargo build --release
```
# Data sources
The system will automatically fetch and import new records every 3 hours if you use our [bundle](#docker-recommended), while historical data must be imported manually.
Kepler currently supports two data sources, [National Vulnerability Database](https://nvd.nist.gov/) and [NPM Advisories](https://npmjs.org/). You can import the data sources historically as follows.
## NIST Data
To import NIST records from all available years (2002 to 2022):
```bash
for year in $(seq 2002 2022); do
docker run --rm -v $(pwd)/data:/data \
-e DATABASE_URL=postgres://kepler:kepler@localhost:5432/kepler \
--network=kepler_default \
kepler:dev import_nist $year -d /data;
done
```
The system will automatically fetch and import new records records every 3 hours.
# APIs
There are two primary APIs as of right now — the `product` API and the `cve` API detailed below.
## Products API
Products can be listed:
```bash
curl http://localhost:8000/products
```
Grouped by vendor:
```bash
curl http://localhost:8000/products/by_vendor
```
Or searched:
```bash
curl http://localhost:8000/products/search/iphone
```
## CVEs API
To use the vulnerabilities search API via cURL (prepend `node-` to the product name in order to search for NPM specific packages):
```bash
curl \
--header "Content-Type: application/json" \
--request POST \
--data '{"product":"libxml2","version":"2.9.10"}' \
http://localhost:8000/cve/search
```
Responses are cached in memory with a LRU limit of 4096 elements.