NVD_Tools

Powershell Scripts to Interact with Vulnerability Data Sets

Challenge: Many vulnerabilty scanners exists to analyze a system locally or remotly to determine f there are vulnerabilties present. These scanners are able to do a great job because they can look at both files and configurations of a system to determine if a vulnerability exists. This is a different offline approach. The goal is to identify vulnerable applications given a list. (For example an export from SCCM or other system management tool) Once the vulnerabilites are identified the organization can make a determination as to which application upgrades are a priority.

This repository contains powershell scripts to:

Download NVD Data from NIST
Download CPE Application information from NIST
Create a usable vulnerabilty database in MS Access of SQLite format
Populated either of these databases
Search data within these databases
Create a report of vulnerabiltes including application and count of vulnerabilities

CPE - Common Platform Enumeration - Makes use of Version 2.3 CWE - Common Weakness Enumeration CVE - Common Vulnerabilty Enumeration - Makes use of Version 2.0

These feeds are located at: https://nvd.nist.gov/download.cfm

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
Documentation		Documentation
ps_cpe		ps_cpe
CPE.dll		CPE.dll
Create_Database.ps1		Create_Database.ps1
Download_XMLSources.ps1		Download_XMLSources.ps1
Generate_ReportData.ps1		Generate_ReportData.ps1
Generate_WFNs_inDatabase.ps1		Generate_WFNs_inDatabase.ps1
LICENSE		LICENSE
Load_XMLSources.ps1		Load_XMLSources.ps1
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

NVD_Tools

About

Releases

Packages

Languages

License

VanAwful/NVD_Tools

Folders and files

Latest commit

History

Repository files navigation

NVD_Tools

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages