.. image:: https://img.shields.io/github/release/cve-search/CveXplore.svg
:target: https://GitHub.com/cve-search/CveXplore/releases/
.. image:: https://img.shields.io/badge/License-GPLv3-blue.svg
:target: https://www.gnu.org/licenses/gpl-3.0
.. image:: https://badgen.net/badge/Github/repo/green?icon=github
:target: https://GitHub.com/cve-search/CveXplore
The CveXplore package aims to provide an object related way to interact with the data collected or hosted by a
cve-search instance. It provides an ambiguous way to interact with either the cve-search mongodb or the cve-search API.
From version 0.2.5 onwards CveXplore has the possibility to initialize and update the database without the need of any of
the cve-search binaries and thus providing the same functionality as cve-search but without the GUI components.
A click command line functionality is being build but for now still in progress...
All the data provided by this interaction is converted into objects before being returned. And thus providing a way to
interact with objects rather then with raw data.
Dependencies
------------
As stated you will need to have one of two things; in order to fully use this package you need access to:
* A cve-search mongodb instance
OR
* A cve-search API instance (will be retired in the 0.4 release)
Both of them can be easily created on a physical machine or via a docker instance of cve-search;
please check `cve-search <https://github.com/cve-search/cve-search>`_ or
`CVE-Search-Docker <https://github.com/cve-search/CVE-Search-Docker>`_ for further details.
Installation
------------
Package is hosted on pypi, so to install the minimal core just run:
.. code-block:: bash
pip install CveXplore
This command will install the core logic of CveXplore and, by default, installs the mongodb module also.
CveXplore is setup in a modular way and therefor has multiple modules which can be installed separately by specifying
them as an extra requirement. To install the mysql module only, specify:
.. code-block:: bash
pip install CveXplore[mysql]
Or for multiple modules:
.. code-block:: bash
pip install CveXplore[mysql, redis]
Or simple install all modules:
.. code-block:: bash
pip install CveXplore[all]
Documentation
-------------
Check `github pages documentation <https://cve-search.github.io/CveXplore/>`_
General
-------
Configuration
*************
CveXplore automatically creates a config folder in '~/.cvexplore'. CveXplore stores several configuration
files in here such as the .env for general configuration and the .sources.ini for data sources configuration.
Logging
*******
CveXplore stores all logs in the '~/.cvexplore/log' folder:
* update_populate.log; logging produced during database updates and database initialization.
Local Database populate / update
********************************
As of version 0.2.5 CveXplore can populate and update a local mongodb instance from either the command line:
.. code-block:: bash
$ cvexplore database initialize
$ cvexplore database update
Check the `CLI Documentation <https://cve-search.github.io/CveXplore/cli/cli.html>`_ for more information.
Or via the the CveXplore object:
.. code-block:: python
>>> from CveXplore import CveXplore
>>> cvx = CveXplore()
>>> cvx.database.populate()
>>> cvx.database.update()
You can add your `NIST API Key <https://nvd.nist.gov/developers/request-an-api-key>`_ in the environment variable
:code:`NVD_NIST_API_KEY` (e.g., in the :code:`~/.cvexplore/.env` file). You can populate CveXplore without an API key,
but it will limit the amount of parallel requests made to the NIST API.
For the NVD API, the update starts from the last modified document in the database. In case of missing CPEs or CVEs
caused by failures during the regular updates you can manually update entries for 1–120 days. (If the period is longer
than 120 days you would need to re-populate the entire database.) Example:
.. code-block:: python
>>> cvx.database.update(manual_days=7)
Package usage
-------------
Instantiation
*************
CveXplore can be instantiated with different parameters, depending to which data source you're going to connect to.
If no parameters are given it is assumed that you're going to connect to a mongodb database running on localhost with
default port and security settings (Cve Search default parameters).
.. code-block:: python
>>> from CveXplore import CveXplore
>>> cvx = CveXplore()
>>> cvx.version
'0.1.2'
To let CveXplore connect to an mongodb with specific parameters:
.. code-block:: python
>>> from CveXplore import CveXplore
>>> cvx = CveXplore(datasource_type="mongodb", datasource_connection_details={"host": "mongodb://127.0.0.1:27017"})
>>> cvx.version
'0.1.2'
And to let CveXplore talk to an Cve Search API (only query POST endpoint needed):
.. code-block:: python
>>> from CveXplore import CveXplore
>>> cvx = CveXplore(datasource_type="api", datasource_connection_details={"address": ("mylocal.cve-search.int", 443), "api_path": "api"})
>>> cvx.version
'0.1.2'
For More options please check the package documentation
Command line usage
------------------
CveXplore has a 'Python Click' (`Documentation <https://click.palletsprojects.com/en/>`_) command line interpreter
available. Click provides an extensive help function to guide you through the different options; also check the full
documentation for examples and usage instructions
.. code-block:: bash
$ cvexplore --help
Usage: cvexplore [OPTIONS] COMMAND [ARGS]...
Options:
-v, --version Show the current version and exit
--help Show this message and exit.
Commands:
capec Query for capec specific data
cpe Query for cpe specific data
cve Query for cve specific data
cwe Query for cwe specific data
database Database update / populate commands
find Perform find queries on a single collection
stats Show datasource statistics
tasks Perform task related operations.
Raw data
{
"_id": null,
"home_page": "https://github.com/cve-search/CveXplore",
"name": "CveXplore",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": null,
"keywords": null,
"author": "Paul Tikken",
"author_email": "paul.tikken@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/ed/d5/24fa086e8543c1a16d4d54e48213ba2803c9a082fe719b063ff91f15c9c2/cvexplore-0.3.35.tar.gz",
"platform": null,
"description": "\n\n.. image:: https://img.shields.io/github/release/cve-search/CveXplore.svg\n :target: https://GitHub.com/cve-search/CveXplore/releases/\n\n.. image:: https://img.shields.io/badge/License-GPLv3-blue.svg\n :target: https://www.gnu.org/licenses/gpl-3.0\n\n.. image:: https://badgen.net/badge/Github/repo/green?icon=github\n :target: https://GitHub.com/cve-search/CveXplore\n\n\nThe CveXplore package aims to provide an object related way to interact with the data collected or hosted by a\ncve-search instance. It provides an ambiguous way to interact with either the cve-search mongodb or the cve-search API.\n\nFrom version 0.2.5 onwards CveXplore has the possibility to initialize and update the database without the need of any of\nthe cve-search binaries and thus providing the same functionality as cve-search but without the GUI components.\n\nA click command line functionality is being build but for now still in progress...\n\nAll the data provided by this interaction is converted into objects before being returned. And thus providing a way to\ninteract with objects rather then with raw data.\n\nDependencies\n------------\nAs stated you will need to have one of two things; in order to fully use this package you need access to:\n\n* A cve-search mongodb instance\n\nOR\n\n* A cve-search API instance (will be retired in the 0.4 release)\n\nBoth of them can be easily created on a physical machine or via a docker instance of cve-search;\nplease check `cve-search <https://github.com/cve-search/cve-search>`_ or\n`CVE-Search-Docker <https://github.com/cve-search/CVE-Search-Docker>`_ for further details.\n\nInstallation\n------------\nPackage is hosted on pypi, so to install the minimal core just run:\n\n.. code-block:: bash\n\n pip install CveXplore\n\nThis command will install the core logic of CveXplore and, by default, installs the mongodb module also.\n\nCveXplore is setup in a modular way and therefor has multiple modules which can be installed separately by specifying\nthem as an extra requirement. To install the mysql module only, specify:\n\n.. code-block:: bash\n\n pip install CveXplore[mysql]\n\nOr for multiple modules:\n\n.. code-block:: bash\n\n pip install CveXplore[mysql, redis]\n\nOr simple install all modules:\n\n.. code-block:: bash\n\n pip install CveXplore[all]\n\nDocumentation\n-------------\nCheck `github pages documentation <https://cve-search.github.io/CveXplore/>`_\n\nGeneral\n-------\n\nConfiguration\n*************\n\nCveXplore automatically creates a config folder in '~/.cvexplore'. CveXplore stores several configuration\nfiles in here such as the .env for general configuration and the .sources.ini for data sources configuration.\n\nLogging\n*******\n\nCveXplore stores all logs in the '~/.cvexplore/log' folder:\n\n* update_populate.log; logging produced during database updates and database initialization.\n\nLocal Database populate / update\n********************************\n\nAs of version 0.2.5 CveXplore can populate and update a local mongodb instance from either the command line:\n\n.. code-block:: bash\n\n $ cvexplore database initialize\n $ cvexplore database update\n\nCheck the `CLI Documentation <https://cve-search.github.io/CveXplore/cli/cli.html>`_ for more information.\n\nOr via the the CveXplore object:\n\n.. code-block:: python\n\n >>> from CveXplore import CveXplore\n >>> cvx = CveXplore()\n >>> cvx.database.populate()\n >>> cvx.database.update()\n\nYou can add your `NIST API Key <https://nvd.nist.gov/developers/request-an-api-key>`_ in the environment variable\n:code:`NVD_NIST_API_KEY` (e.g., in the :code:`~/.cvexplore/.env` file). You can populate CveXplore without an API key,\nbut it will limit the amount of parallel requests made to the NIST API.\n\nFor the NVD API, the update starts from the last modified document in the database. In case of missing CPEs or CVEs\ncaused by failures during the regular updates you can manually update entries for 1\u2013120 days. (If the period is longer\nthan 120 days you would need to re-populate the entire database.) Example:\n\n.. code-block:: python\n\n >>> cvx.database.update(manual_days=7)\n\nPackage usage\n-------------\n\nInstantiation\n*************\n\nCveXplore can be instantiated with different parameters, depending to which data source you're going to connect to.\nIf no parameters are given it is assumed that you're going to connect to a mongodb database running on localhost with\ndefault port and security settings (Cve Search default parameters).\n\n.. code-block:: python\n\n >>> from CveXplore import CveXplore\n >>> cvx = CveXplore()\n >>> cvx.version\n '0.1.2'\n\nTo let CveXplore connect to an mongodb with specific parameters:\n\n.. code-block:: python\n\n >>> from CveXplore import CveXplore\n >>> cvx = CveXplore(datasource_type=\"mongodb\", datasource_connection_details={\"host\": \"mongodb://127.0.0.1:27017\"})\n >>> cvx.version\n '0.1.2'\n\nAnd to let CveXplore talk to an Cve Search API (only query POST endpoint needed):\n\n.. code-block:: python\n\n >>> from CveXplore import CveXplore\n >>> cvx = CveXplore(datasource_type=\"api\", datasource_connection_details={\"address\": (\"mylocal.cve-search.int\", 443), \"api_path\": \"api\"})\n >>> cvx.version\n '0.1.2'\n\nFor More options please check the package documentation\n\nCommand line usage\n------------------\n\nCveXplore has a 'Python Click' (`Documentation <https://click.palletsprojects.com/en/>`_) command line interpreter\navailable. Click provides an extensive help function to guide you through the different options; also check the full\ndocumentation for examples and usage instructions\n\n.. code-block:: bash\n\n $ cvexplore --help\n Usage: cvexplore [OPTIONS] COMMAND [ARGS]...\n\n Options:\n -v, --version Show the current version and exit\n --help Show this message and exit.\n\n Commands:\n capec Query for capec specific data\n cpe Query for cpe specific data\n cve Query for cve specific data\n cwe Query for cwe specific data\n database Database update / populate commands\n find Perform find queries on a single collection\n stats Show datasource statistics\n tasks Perform task related operations.\n",
"bugtrack_url": null,
"license": "GNU General Public License v3.0",
"summary": "Package for interacting with cve-search",
"version": "0.3.35",
"project_urls": {
"Documentation": "https://cve-search.github.io/CveXplore/",
"Homepage": "https://github.com/cve-search/CveXplore",
"Issues": "https://github.com/cve-search/CveXplore/issues"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "ea2185ead91040164bd2f8cb115a4bf42bd4efed04d5be0363176d351d8ca8d6",
"md5": "648290cb8f471dfe83eae0ae982a6e3b",
"sha256": "3be6e3570951590062b73cf7e72d080e972f75700145adb027c4fa15304593e1"
},
"downloads": -1,
"filename": "CveXplore-0.3.35-py3-none-any.whl",
"has_sig": false,
"md5_digest": "648290cb8f471dfe83eae0ae982a6e3b",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 131394,
"upload_time": "2024-07-05T06:11:49",
"upload_time_iso_8601": "2024-07-05T06:11:49.288979Z",
"url": "https://files.pythonhosted.org/packages/ea/21/85ead91040164bd2f8cb115a4bf42bd4efed04d5be0363176d351d8ca8d6/CveXplore-0.3.35-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "edd524fa086e8543c1a16d4d54e48213ba2803c9a082fe719b063ff91f15c9c2",
"md5": "15ec35d3cc187bcf1d58612636b398c3",
"sha256": "7aa90c82906e1a833f728095d1857d42c614364871d5e2a5d1212c14103fa7b3"
},
"downloads": -1,
"filename": "cvexplore-0.3.35.tar.gz",
"has_sig": false,
"md5_digest": "15ec35d3cc187bcf1d58612636b398c3",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 105074,
"upload_time": "2024-07-05T06:11:51",
"upload_time_iso_8601": "2024-07-05T06:11:51.191537Z",
"url": "https://files.pythonhosted.org/packages/ed/d5/24fa086e8543c1a16d4d54e48213ba2803c9a082fe719b063ff91f15c9c2/cvexplore-0.3.35.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-07-05 06:11:51",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "cve-search",
"github_project": "CveXplore",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"lcname": "cvexplore"
}
JSON
