Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/amadejpapez/applsec

Mastodon and Twitter bot keeping you up-to-date with security fixes to Apple's ecosystem! New updates, number of bugs, zero-days, and more! 🍎🔒
https://github.com/amadejpapez/applsec

apple bot mastodon-bot python twitter-bot

Last synced: about 1 month ago
JSON representation

Mastodon and Twitter bot keeping you up-to-date with security fixes to Apple's ecosystem! New updates, number of bugs, zero-days, and more! 🍎🔒

Host: GitHub
URL: https://github.com/amadejpapez/applsec
Owner: amadejpapez
License: gpl-3.0
Created: 2021-02-03T18:22:07.000Z (almost 4 years ago)
Default Branch: main
Last Pushed: 2024-09-17T17:32:12.000Z (about 2 months ago)
Last Synced: 2024-09-17T22:51:26.909Z (about 2 months ago)
Topics: apple, bot, mastodon-bot, python, twitter-bot
Language: Python
Homepage: https://infosec.exchange/@ApplSec
Size: 5.13 MB
Stars: 14
Watchers: 3
Forks: 2
Open Issues: 1
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE

Awesome Lists containing this project

README

ApplSec

Refreshing the Apple Security Page for you 🍎 🔐

Running on 🐥 @ApplSec since February 6, 2021

Running on 🐘 @[email protected] since November 5, 2022

## 📣 What does it post?

## 🦾 How does it work?

It starts by checking if the latest release on the [Apple Security Updates](https://support.apple.com/en-us/HT201222) page has already been posted. If not, it continues to check the next one. When it gathers all the new releases, it starts visiting their security content pages. There, it counts how many security issues (CVEs) were fixed, checks for zero-days, etc.

If Apple says "no details yet", it will save the release's name and say in the post that information is not available yet. It will continue to check and make a post when security content is available with all the information it contains.

To get the latest beta releases it also checks the [Apple Developer Releases](https://developer.apple.com/news/releases) page.

In the end, it arranges the gathered data into a post or a thread as needed and sends it to Mastodon and Twitter.

The bot is checking for changes hourly. To avoid posting and checking the same thing twice, it stores recently posted data in a JSON file. The file also contains the last 10 zero-days, so it can tell if a zero-day is new or if it's just an additional update for a different system.

At midnight, the bot checks if Apple has updated or added any entries to older security notes. On January 19th, 2022, Apple updated 25 security notes, adding and updating entries back to releases from two years ago.

The bot is often updated as new ideas appear and to keep up with any changes to Apple's website.

## ✨ Acknowledgements

- __[Tweepy](https://github.com/tweepy/tweepy)__, for communication with Twitter API
- __[requests](https://github.com/psf/requests)__, for communication with Mastodon API and for requests to Apple's website
- __[lxml](https://github.com/lxml/lxml)__, for easier HTML processing
- __GitHub Actions__, for running the bot hourly

_Not affiliated with Apple Inc._

_Apple, iCloud, watchOS, tvOS and macOS are trademarks of Apple Inc., registered in the U.S. and other countries and regions._