what is CISA Vulnerability Checker?
CISA Vulnerability Checker is a Python tool designed to query CISA's Known Exploited Vulnerabilities catalog using DuckDB.
how to use CISA Vulnerability Checker?
To use the tool, clone the repository, set up a virtual environment, install dependencies, and run commands to check for recent CVEs or specific CVE existence.
key features of CISA Vulnerability Checker?
- Retrieve all CVEs added in the last specified days or hours.
- Check if a specific CVE exists in the CISA list.
- Utilizes DuckDB's HTTPFS extension to read JSON files directly from CISA's website.
use cases of CISA Vulnerability Checker?
- Security professionals can monitor recent vulnerabilities.
- Developers can check if their applications are affected by known vulnerabilities.
- Organizations can maintain compliance by regularly checking for new CVEs.
FAQ from CISA Vulnerability Checker?
- What programming language is used for this tool?
The tool is developed in Python.
- How do I install the CISA Vulnerability Checker?
Follow the installation instructions in the README to clone the repository and set up the environment.
- Can I run tests on the tool?
Yes, the project includes integration tests that can be run using pytest.
CISA Vulnerability Checker
A Python tool that uses DuckDB to query CISA's Known Exploited Vulnerabilities catalog.
Features
- Get all CVEs added in the last X days or hours
- Check if a specific CVE exists in the list
- Uses DuckDB's HTTPFS extension to read the JSON file directly from CISA's website
Installation
- Clone this repository:
git clone <repository-url>
cd <repository-name>
- Create a virtual environment (recommended):
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
- Install the package in development mode:
pip install -e .
Usage
Get Recent CVEs
Get CVEs from the last 7 days:
cisa-vuln-checker recent-cves --days 7
Get CVEs from the last 24 hours:
cisa-vuln-checker recent-cves --hours 24
Check if a CVE Exists
cisa-vuln-checker check-cve CVE-2023-1234
Running the Server
To run the Model Context Protocol server:
uvicorn cisa_vuln_checker.server:app
This will start the server on the default port (8000). You can then interact with the CISA vulnerability checking tools through the MCP interface (/sse) or RESR (/rest).
Configuring the Server
Claude
To configure Claude to use the CISA vulnerability checker server, add the following to your Claude configuration file (usually located at ~/Library/Application Support/Claude/claude_desktop_config.json):
{
"mcpServers": {
"cisa": {
"command": "npx",
"args": [
"mcp-remote",
"http://localhost:8000/sse"
]
}
}
}
Development
Running Tests
The project includes integration tests that test the CLI commands. To run the tests:
- Make sure you have the package installed in development mode (see Installation step 4)
- Run the tests:
pytest tests/
The tests will:
- Test getting recent CVEs by days and hours
- Test error handling when no arguments are provided
- Test checking for existing and non-existing CVEs