- This tool scrapes the CVE feed from vuldb.com, filters it based on keywords, and notifies via Slack about latest CVE only for the technology or the products you have listed as keywords.
- Parses the RSS feed from vuldb.com using gofeed.
- Filters the feed based on the defined keywords.
- Stores filtered CVEs in a database.
- Sends a Slack notification for each new CVE inserted into the database.
Make sure go environment is properly configured
go install github.com/dark-warlord14/CVENotifier/cmd/CVENotifier@latest
- Set up keywords and Slack webhook in
config.yaml:
keywords:
- Floodlight
- wordpress
slackWebhook:
- https://hooks.slack.com/services/<id>/<id>- Run the tool on a regular interval (e.g., every few hours) to fetch the latest feeds and receive notifications for new CVEs. Its recommended to setup a cron job for this.
CVENotifier -config config.yaml
cronjob example
0 * * * * user CVENotifier -config config.yaml 2>&1 | tee -a CVENotifier.log
- Fetch RSS feed from https://vuldb.com/?rss.recent
- Filter the feed if any keyword is present in the title
- Store the data in a database if a keyword is found in the title
- Send a Slack message if the insert operation is successful
- Move the metadata to structure for easy parsing and shorter lines xD