Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/amadejpapez/applsec
Mastodon and Twitter bot keeping you up-to-date with security fixes to Apple's ecosystem! New updates, number of bugs, zero-days, and more! 🍎🔒
https://github.com/amadejpapez/applsec
apple bot mastodon-bot python twitter-bot
Last synced: 2 months ago
JSON representation
Mastodon and Twitter bot keeping you up-to-date with security fixes to Apple's ecosystem! New updates, number of bugs, zero-days, and more! 🍎🔒
- Host: GitHub
- URL: https://github.com/amadejpapez/applsec
- Owner: amadejpapez
- License: gpl-3.0
- Created: 2021-02-03T18:22:07.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2024-09-17T17:32:12.000Z (3 months ago)
- Last Synced: 2024-09-17T22:51:26.909Z (3 months ago)
- Topics: apple, bot, mastodon-bot, python, twitter-bot
- Language: Python
- Homepage: https://infosec.exchange/@ApplSec
- Size: 5.13 MB
- Stars: 14
- Watchers: 3
- Forks: 2
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
ApplSec
Refreshing the Apple Security Page for you 🍎 🔐
Running on 🐥 @ApplSec since February 6, 2021
Running on 🐘 @[email protected] since November 5, 2022
## 📣 What does it post?
## 🦾 How does it work?
It starts by checking if the latest release on the [Apple Security Updates](https://support.apple.com/en-us/HT201222) page has already been posted. If not, it continues to check the next one. When it gathers all the new releases, it starts visiting their security content pages. There, it counts how many security issues (CVEs) were fixed, checks for zero-days, etc.
If Apple says "no details yet", it will save the release's name and say in the post that information is not available yet. It will continue to check and make a post when security content is available with all the information it contains.
To get the latest beta releases it also checks the [Apple Developer Releases](https://developer.apple.com/news/releases) page.
In the end, it arranges the gathered data into a post or a thread as needed and sends it to Mastodon and Twitter.
The bot is checking for changes hourly. To avoid posting and checking the same thing twice, it stores recently posted data in a JSON file. The file also contains the last 10 zero-days, so it can tell if a zero-day is new or if it's just an additional update for a different system.
At midnight, the bot checks if Apple has updated or added any entries to older security notes. On January 19th, 2022, Apple updated 25 security notes, adding and updating entries back to releases from two years ago.
The bot is often updated as new ideas appear and to keep up with any changes to Apple's website.
## ✨ Acknowledgements
- __[Tweepy](https://github.com/tweepy/tweepy)__, for communication with Twitter API
- __[requests](https://github.com/psf/requests)__, for communication with Mastodon API and for requests to Apple's website
- __[lxml](https://github.com/lxml/lxml)__, for easier HTML processing
- __GitHub Actions__, for running the bot hourly
_Not affiliated with Apple Inc._
_Apple, iCloud, watchOS, tvOS and macOS are trademarks of Apple Inc., registered in the U.S. and other countries and regions._