Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/un4gi/fave
Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.
https://github.com/un4gi/fave
Last synced: 21 days ago
JSON representation
Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.
- Host: GitHub
- URL: https://github.com/un4gi/fave
- Owner: un4gi
- License: mit
- Created: 2021-09-18T22:28:39.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2022-11-12T22:57:51.000Z (about 2 years ago)
- Last Synced: 2024-08-05T17:30:40.454Z (4 months ago)
- Language: Go
- Size: 51.8 KB
- Stars: 124
- Watchers: 1
- Forks: 9
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - un4gi/fave - Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters. (Go)
README
# FAV/E
[![License](https://img.shields.io/badge/license-MIT-_red.svg)](https://opensource.org/licenses/MIT) [![Twitter Follow](https://img.shields.io/twitter/follow/un4gi_io?label=%40un4gi_io&style=social)](https://twitter.com/un4gi_io)
FAV/E (Find A Vulnerability/Exposure) utilizes the NIST CVE database search API to search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.
## Usage
FAV/E currently features two commands: `search` and `describe`.
The `search` command allows you to search the CVE database while filtering on a number of different things, such as:
- keyword/words
- age (maximum of 120 days)
- CWE ID
- CVSS SeverityUse the `-h` flag to display available flags
```bash
fave search -h
```| Flag | Description | Example |
|------|-------------|---------|
| `-c, --cwe int` | Search for CVEs based on a CWE number. | `fave -c 79` |
| `-d, --days int` | the number of days prior to today to filter (maximum of 120 days). | `fave --days 5` |
| `--exact` | Return only items matching the exact keyword(s) specified with -k | `fave -k un4gi --exact` |
| `-h, --help` | help for search | `fave -h` |
| `-k, --key string` | a word or phrase to search - this is required. | `fave -k "Microsoft Windows 10"` |
| `-s, --severity string` | filters based on the CVSS V3 severity rating (CRITICAL, HIGH, MEDIUM, or LOW). | `fave -s CRITICAL` |Example usage:
```bash
fave search -k "Windows 10" --exact -s CRITICAL --days 2
```Once an interesting CVE is found, you can pass the CVE-ID to the `describe` command to gather a more detailed description with references:
`fave describe CVE-XXXX-XXXXX`
## Installation
To install, use:
```bash
go install github.com/un4gi/fave@latest
```Alternatively, you can download the latest release for your OS.