Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/un4gi/fave

Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.
https://github.com/un4gi/fave

Last synced: 3 months ago
JSON representation

Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.

Host: GitHub
URL: https://github.com/un4gi/fave
Owner: un4gi
License: mit
Created: 2021-09-18T22:28:39.000Z (about 3 years ago)
Default Branch: main
Last Pushed: 2022-11-12T22:57:51.000Z (almost 2 years ago)
Last Synced: 2024-06-20T17:49:36.531Z (5 months ago)
Language: Go
Size: 51.8 KB
Stars: 123
Watchers: 1
Forks: 9
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - un4gi/fave - Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters. (Go)

README

        # FAV/E

[![License](https://img.shields.io/badge/license-MIT-_red.svg)](https://opensource.org/licenses/MIT) [![Twitter Follow](https://img.shields.io/twitter/follow/un4gi_io?label=%40un4gi_io&style=social)](https://twitter.com/un4gi_io)



FAV/E (Find A Vulnerability/Exposure) utilizes the NIST CVE database search API to search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.

## Usage

FAV/E currently features two commands: `search` and `describe`.

The `search` command allows you to search the CVE database while filtering on a number of different things, such as:

- keyword/words

- age (maximum of 120 days)

- CWE ID

- CVSS Severity

Use the `-h` flag to display available flags

```bash

fave search -h

```

| Flag | Description | Example |

|------|-------------|---------|

| `-c, --cwe int` | Search for CVEs based on a CWE number. | `fave -c 79` |

| `-d, --days int` | the number of days prior to today to filter (maximum of 120 days). | `fave --days 5` |

| `--exact` | Return only items matching the exact keyword(s) specified with -k | `fave -k un4gi --exact` |

| `-h, --help` | help for search | `fave -h` |

| `-k, --key string` | a word or phrase to search - this is required. | `fave -k "Microsoft Windows 10"` |

| `-s, --severity string` | filters based on the CVSS V3 severity rating (CRITICAL, HIGH, MEDIUM, or LOW). | `fave -s CRITICAL` |

Example usage:

```bash

fave search -k "Windows 10" --exact -s CRITICAL --days 2

```

Once an interesting CVE is found, you can pass the CVE-ID to the `describe` command to gather a more detailed description with references:

`fave describe CVE-XXXX-XXXXX`

## Installation

To install, use:

```bash

go install github.com/un4gi/fave@latest

```

Alternatively, you can download the latest release for your OS.