Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Exein-io/kepler

NIST-based CVE lookup store and API powered by Rust.
https://github.com/Exein-io/kepler

cve cve-scanning cve-search rust security-tools

Last synced: about 1 month ago
JSON representation

NIST-based CVE lookup store and API powered by Rust.

Host: GitHub
URL: https://github.com/Exein-io/kepler
Owner: exein-io
License: other
Created: 2022-01-14T19:01:05.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2024-01-19T15:54:56.000Z (11 months ago)
Last Synced: 2024-09-26T01:52:26.106Z (3 months ago)
Topics: cve, cve-scanning, cve-search, rust, security-tools
Language: Rust
Homepage: https://exein.io/
Size: 44.7 MB
Stars: 124
Watchers: 7
Forks: 11
Open Issues: 7
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

awesome-rust-security - kepler - NIST-based CVE lookup store and API powered by Rust. (Web and Cloud Security / Pentesting)
awesome-software-supply-chain-security - Exein-io/kepler: NIST-based CVE lookup store and API powered by Rust

README

        


    

 

  

    

      

    

    

      

    

  






Kepler is a vulnerability database and lookup store and API currently utilising [National Vulnerability Database](https://nvd.nist.gov/) as data sources; implementing CPE 2.3 tree expressions and version range evaluation in realtime.




# Setup

## Docker (recommended)

We provide a docker bundle with `kepler`, dedicated PostgreSQL database and [Ofelia](https://github.com/mcuadros/ofelia) as job scheduler for continuous update

```bash

docker compose build

docker compose up

```

### Database migration notes

When the application starts checks for pending database migrations and automatically applies them. Remove the `--migrate` option to stop when a pending migration is detected

## Build from sources

Alternatively you can build `kepler` from sources. To build you need `rust`, `cargo` and `libpg-dev` (or equivalent PostgreSQL library for your Linux distribution)

```

cargo build --release

```

# Data sources

The system will automatically fetch and import new records every 3 hours if you use our [bundle](#docker-recommended), while historical data must be imported manually.

Kepler currently supports two data sources, [National Vulnerability Database](https://nvd.nist.gov/) and [NPM Advisories](https://npmjs.org/). You can import the data sources historically as follows.

## NIST Data

To import NIST records from all available years (2002 to 2022):

```bash

for year in $(seq 2002 2022); do 

    docker run --rm -v $(pwd)/data:/data \

        -e DATABASE_URL=postgres://kepler:kepler@localhost:5432/kepler \

	--network=kepler_default \

	kepler:dev import_nist $year -d /data; 

done 

```

The system will automatically fetch and import new records records every 3 hours. 

# APIs

There are two primary APIs as of right now — the `product` API and the `cve` API detailed below.

## Products API

Products can be listed:

```bash

curl http://localhost:8000/products

```

Grouped by vendor:

```bash

curl http://localhost:8000/products/by_vendor

```

Or searched:

```bash

curl http://localhost:8000/products/search/iphone

```

## CVEs API

To use the vulnerabilities search API via cURL (prepend `node-` to the product name in order to search for NPM specific packages):

```bash

curl \

    --header "Content-Type: application/json" \

    --request POST \

    --data '{"product":"libxml2","version":"2.9.10"}' \

    http://localhost:8000/cve/search

```

Responses are cached in memory with a LRU limit of 4096 elements.