https://github.com/infosecredd/cve-discord-notify

CVE Notifier is an automated monitoring tool designed to keep you informed about the latest Common Vulnerabilities and Exposures (CVEs). It continuously scans for new CVEs, evaluates their severity based on CVSS scores, and sends notifications to your Discord channels.

cve cve-scanning discord github-actions webhook

# CVE Notifier

## Overview

**CVE Notifier** is an automated monitoring tool designed to keep you informed about the latest Common Vulnerabilities and Exposures (CVEs). It continuously scans for new CVEs, evaluates their severity based on CVSS scores, and sends notifications to your Discord channels every hour, or at whatever interval your GitHub Actions workflow file sets. It also alerts specific Discord roles or users when CVEs containing predefined keywords are detected, so that the right people are informed promptly.

## Features

- **Automated CVE Monitoring:** Continuously fetches the latest CVEs added within a specified timeframe.
- **Severity-Based Color Coding:** Visual indicators (red, orange, green) based on CVSS scores to quickly assess vulnerability severity.
- **Keyword-Based Notifications:** Alerts designated Discord roles or users when CVEs contain specific keywords of interest.
- **Discord Integration:** Sends rich embed messages to Discord webhooks for clear and organized notifications.
- **Duplicate Prevention:** Tracks and avoids sending duplicate notifications for previously seen CVEs.
- **Logging:** Maintains logs of operations and notifications for easy troubleshooting and auditing.
- **Configurable:** Easily customize keywords and Discord mentions through a separate configuration file.

## Getting Started

Follow these instructions to set up and run the CVE Notifier in your own environment.

### Prerequisites

- **GitHub Account:** To fork the repository and set up GitHub Actions.
- **Python 3.x:** Ensure Python is installed on your local machine for testing purposes.
- **Discord Server:** Access to a Discord server where you have permissions to create webhooks and manage roles.

### Installation

1. **Fork the Repository:**

- Click the "Fork" button at the top-right corner of this repository on GitHub to create your own copy.

2. **Clone Your Fork:**

```bash
git clone https://github.com/your-username/cve-discord-notify.git
cd cve-discord-notify
```

3. **Set Up `config.json`:**

Create a `config.json` file in the root directory to define your keywords and Discord mentions.

```bash
touch config.json
```

Populate `config.json` with your desired keywords and Discord mentions:

```json
{
  "keywords": [
    "authorization bypass",
    "SQL injection",
    "buffer overflow",
    "remote code execution"
  ],
  "discord_mentions": [
    "<@&123456789012345678>",
    "<@876543210987654321>"
  ]
}
```

**Note:**
- Replace `123456789012345678` with your actual Discord Role ID.
- Replace `876543210987654321` with your actual Discord User ID.
- To obtain Role and User IDs, enable Developer Mode in Discord settings and right-click on the role/user to copy their IDs.

4. **Install Dependencies:**

Although GitHub Actions will handle dependencies during automation, it's recommended to install them locally for testing.

```bash
pip install -r requirements.txt
```

5. **Configure GitHub Secrets:**

To securely store your Discord webhook URLs, set them up as GitHub Secrets in your forked repository.

- Navigate to your repository on GitHub.
- Go to **Settings** > **Secrets and variables** > **Actions**.
- Click on **New repository secret** and add the following secrets:

| Secret Name | Description |
|---------------------------|------------------------------------------------------|
| `DISCORD_WEBHOOK_URL` | Discord webhook URL for exploited CVE notifications. |
| `DISCORD_WEBHOOK_GENERAL` | Discord webhook URL for CVEs published today. |

**Example:**

- **Name:** `DISCORD_WEBHOOK_URL`
- **Value:** `https://discord.com/api/webhooks/your_new_cve_webhook`

- **Name:** `DISCORD_WEBHOOK_GENERAL`
- **Value:** `https://discord.com/api/webhooks/your_published_today_webhook`

6. **Push Configuration Changes:**

If you modified `config.json`, commit and push the changes to your fork.

```bash
git add config.json
git commit -m "Add configuration for keywords and Discord mentions"
git push
```

### Running Locally (Optional)

Before deploying, you can test the script locally to ensure it's functioning correctly.

1. **Run the Script:**

```bash
python3 cvereport.py
```

2. **Verify Notifications:**

Check your designated Discord channels to confirm that notifications are being received as expected, with appropriate color coding and mentions.

3. **Review Logs:**

Examine the `cve_notifier.log` file for any errors or confirmation messages.

```bash
cat cve_notifier.log
```

### Deployment with GitHub Actions

Once you've confirmed that the script works locally, GitHub Actions will handle automated runs based on the configured schedule.

1. **Commit and Push Changes:**

Ensure all your changes are committed and pushed to your forked repository.

```bash
git add .
git commit -m "Finalize setup for GitHub Actions deployment"
git push
```

2. **Monitor GitHub Actions:**

- Navigate to the **Actions** tab in your repository.
- Observe the workflow runs to ensure they complete successfully.
- Address any issues by reviewing logs and adjusting configurations as necessary.

3. **Check Discord Notifications:**

After each workflow run, verify that notifications are sent to your Discord channels with the correct formatting and mentions.

## Configuration Details

### `config.json`

Defines the keywords to monitor within CVE summaries and the Discord roles/users to notify when these keywords are detected.

```json
{
  "keywords": [
    "authorization bypass",
    "SQL injection",
    "buffer overflow",
    "remote code execution"
  ],
  "discord_mentions": [
    "<@&123456789012345678>",
    "<@876543210987654321>"
  ]
}
```

- **`keywords`:** List of terms to search for within CVE summaries. The search is case-insensitive.
- **`discord_mentions`:** List of Discord mentions using the correct syntax:
  - **Role Mention:** `<@&ROLE_ID>`
  - **User Mention:** `<@USER_ID>`
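
One way to apply these two settings, as an added example (not the project's own code): it validates the mention syntax, matches keywords case-insensitively, and builds the webhook body. The function names, the 7.0/4.0 colour thresholds and the sample values are assumptions; `allowed_mentions` is the Discord webhook field that limits which IDs a message may ping.

```python
import json
import re

# Assumed thresholds (the README names only the colours): CVSS >= 7.0 red,
# >= 4.0 orange, otherwise green. Discord embed colours are plain integers.
RED, ORANGE, GREEN = 0xE74C3C, 0xE67E22, 0x2ECC71
MENTION_RE = re.compile(r"<@(&?)(\d{17,20})>")  # <@&ROLE_ID> or <@USER_ID>

# Constructed sample: same shape as the README's config.json, placeholder IDs.
SAMPLE_CONFIG = """{
  "keywords": ["SQL injection", "remote code execution"],
  "discord_mentions": ["<@&123456789012345678>", "<@876543210987654321>"]
}"""


def load_config(text):
    """Parse config.json text; reject malformed mentions before any send."""
    cfg = json.loads(text)  # strict JSON, so a // comment raises ValueError
    roles, users = [], []
    for mention in cfg["discord_mentions"]:
        m = MENTION_RE.fullmatch(mention)
        if m is None:
            raise ValueError(f"malformed mention: {mention!r}")
        (roles if m.group(1) else users).append(m.group(2))
    return {"keywords": [k.casefold() for k in cfg["keywords"]],
            "mentions": cfg["discord_mentions"], "roles": roles, "users": users}


def severity_color(cvss):
    return RED if cvss >= 7.0 else ORANGE if cvss >= 4.0 else GREEN


def build_payload(cve_id, summary, cvss, cfg):
    """Webhook JSON body for one CVE; mentions are added only on a keyword hit."""
    text = summary.casefold()
    hits = [k for k in cfg["keywords"] if k in text]
    payload = {
        "embeds": [{"title": cve_id, "description": summary,
                    "color": severity_color(cvss)}],
        # Defence in depth: only the configured IDs may ping, whatever text
        # from a CVE summary ends up in the message.
        "allowed_mentions": {"parse": [], "roles": cfg["roles"],
                             "users": cfg["users"]},
    }
    if hits:
        payload["content"] = " ".join(cfg["mentions"]) + " matched: " + ", ".join(hits)
    return payload
```

The mentions go in `content` because that is the part of the message the configured roles and users are pinged from.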

### GitHub Secrets

Ensure that the following secrets are set in your GitHub repository:

- **`DISCORD_WEBHOOK_URL`**
  - **Description:** Discord webhook URL for sending exploited CVE notifications.
  - **Usage:** Used by the script to send embed messages to the designated Discord channel.

- **`DISCORD_WEBHOOK_GENERAL`**
  - **Description:** Discord webhook URL for sending CVEs published today.
  - **Usage:** Used by the script to send embed messages to another Discord channel.

**Important:** Keep your webhook URLs secure. Anyone who has a webhook URL can post to its channel, so do not expose the URLs publicly or commit them to the repository.
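
A way to keep the webhook token out of `cve_notifier.log`, as an added example that is not part of the project: a logging formatter that redacts the token from messages and tracebacks. The logger name, the sample URL and the error messages are constructed.

```python
import io
import logging
import re

# A webhook URL ends in /webhooks/<id>/<token>; the token is the credential.
# Matching on the path also covers errors that report only the request path.
WEBHOOK_RE = re.compile(r"(/api/(?:v\d+/)?webhooks/\d+/)[\w-]+")


def redact(text):
    """Replace the token part of any Discord webhook URL or path."""
    return WEBHOOK_RE.sub(r"\1[REDACTED]", text)


class RedactingFormatter(logging.Formatter):
    """Redact after formatting so that tracebacks are covered as well."""

    def format(self, record):
        return redact(super().format(record))


def demo():
    """Log two constructed error messages and return what reached the log."""
    stream = io.StringIO()  # stands in for cve_notifier.log
    handler = logging.StreamHandler(stream)
    handler.setFormatter(RedactingFormatter("%(levelname)s %(message)s"))
    log = logging.getLogger("cve_notifier_demo")
    log.handlers, log.propagate = [handler], False
    log.setLevel(logging.INFO)
    url = "https://discord.com/api/webhooks/123456789012345678/CONSTRUCTED-token_value"
    log.error("429 Client Error: Too Many Requests for url: %s", url)
    try:
        raise ConnectionError("Max retries exceeded with url: " + url.split(".com")[1])
    except ConnectionError:
        log.exception("send failed")
    return stream.getvalue()


if __name__ == "__main__":
    print(demo())
```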

## Troubleshooting

- **No Notifications Received:**
  - Ensure that the webhook URLs are correctly set in GitHub Secrets.
  - Verify that `config.json` contains valid mentions and that roles are set to be mentionable in Discord server settings.

- **Malformed Mentions:**
  - Confirm that mentions in `config.json` use the correct syntax:
    - Roles: `<@&ROLE_ID>`
    - Users: `<@USER_ID>`

- **Rate Limits Exceeded:**
  - If receiving rate limit errors from Discord, consider batching notifications or reducing the frequency of webhook requests.

- **Errors in Logs:**
  - Review the `cve_notifier.log` file for detailed error messages.
  - Ensure that all dependencies are installed and that the script has necessary permissions.
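
The batching suggested under **Rate Limits Exceeded**, combined with the **Duplicate Prevention** feature, as an added example (not the project's code). It assumes CVEs are dicts with `id` and `summary`, a caller-supplied `send` function that returns the HTTP status, and a seen-ID set whose storage is left to the caller; Discord accepts up to 10 embeds in one webhook message.

```python
MAX_EMBEDS = 10  # Discord's limit on embeds per webhook message


def sample_cves(n):
    """Constructed input: n placeholder CVE records."""
    return [{"id": f"CVE-0000-{i:04d}", "summary": f"constructed entry {i}"}
            for i in range(1, n + 1)]


def unseen(cves, seen_ids):
    """Drop CVEs already notified and repeats within this fetch, keeping order."""
    fresh, seen = [], set(seen_ids)
    for cve in cves:
        if cve["id"] not in seen:
            seen.add(cve["id"])
            fresh.append(cve)
    return fresh


def batch_payloads(cves):
    """One webhook body per group of up to MAX_EMBEDS CVEs."""
    embeds = [{"title": c["id"], "description": c["summary"]} for c in cves]
    return [{"embeds": embeds[i:i + MAX_EMBEDS]}
            for i in range(0, len(embeds), MAX_EMBEDS)]


def notify(cves, seen_ids, send):
    """Send batches through send(payload) -> HTTP status; return the new seen set.

    IDs are marked seen only after a 2xx response, so a batch that was rate
    limited or failed is retried on the next scheduled run instead of lost.
    """
    done = set(seen_ids)
    for payload in batch_payloads(unseen(cves, done)):
        status = send(payload)
        if status == 429:  # rate limited: stop sending for this run
            break
        if 200 <= status < 300:
            done.update(e["title"] for e in payload["embeds"])
    return done


if __name__ == "__main__":
    # Stub sender that always succeeds (a webhook POST normally returns 204).
    print(len(notify(sample_cves(25), {"CVE-0000-0003"}, lambda p: 204)))
```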

## Contributing

Contributions are welcome! If you encounter issues or have suggestions for improvements, feel free to open an issue or submit a pull request.

## License

This project is licensed under the [MIT License](LICENSE).

## Acknowledgements

- [Discord](https://discord.com/) for providing robust webhook integrations.
- [CVE Details](https://www.cvedetails.com/) for comprehensive vulnerability information.
- [Tenacity](https://github.com/jd/tenacity) for robust retry mechanisms in Python.

---

*Stay secure and keep your systems updated with the latest vulnerability information!*