Article toSource:Timeline Sec
Tool: GitHub CVE monitor
Description: monitor the vulnerability of CVE number project added on GitHub, push nail or server paste
Author:yhy0@Timeline sec SRC group
Project address:
https://github.com/yhy0/github-cve-monitor
Wechat push mode
1. Open server sauce
http://sc.ftqq.com/9.version
You can get your sckey by scanning the wechat code and logging in
Sckey is very important, so please keep it properly and don’t tell others casually
2. Configuration script
Follow official accountSugar cube
Replace XXXX on line 42 with your sckey
The time interval is modified in line 58
Check whether there is a new CVE vulnerability submission record in GitHub every 3 minutes. If so, push it through the server
Comment pin push code
Lines 33-37 and 68
Upload the script to your VPS
Execute the following command to run on your own Linux VPS background
You can happily receive all kinds of CVE
nohuppython3github_cve_monitor.py&
design sketch
When a new cve-2021 project is added, the following push will be obtained
A very useful monitoring tool. If you need to monitor the vulnerabilities of other CMS, you can modify the content of regular matching in the code by yourself. If you can get information earlier during HW, you can defend or attack earlier.
Project address, welcome star🌟
https://github.com/yhy0/github-cve-monitor
reference resources:
Luomiwei bear, kiang70
https://my.oschina.net/u/4581868/blog/4380482
https://github.com/kiang70/Github-Monitor