puncia[0.20]

README.md

@@ -20,27 +20,33 @@ Puncia utilizes two of our intelligent APIs to gather the results - <br>
 2. From Source - `pip3 install .`<br>
 
 ## Usage
-1. Query Domains - `puncia subdomain <domain> <output-file>`
-2. Query Exploit & Vulnerability Identifiers - `puncia exploit <eoidentifier> <output-file>`
+1. Store an API key (storekey) - `puncia storekey <api-key>`
+2. Query Domains (subdomain) - `puncia subdomain <domain> <output-file>`
+3. Query Exploit & Vulnerability Identifiers (exploit) - `puncia exploit <eoidentifier> <output-file>`
     - Russian VIDs with no associated CVEs (^RU_NON_CVE)
     - Chinese VIDs with no associated CVEs (^CN_NON_CVE)
+    - Daily Vulnerability & Exploit Watchlist (^WATCHLIST)
     - [Supported Vulnerability Identifiers](https://github.com/ARPSyndicate/docs?tab=readme-ov-file#supported-vulnerability-identifiers)
-3. Bulk Queries - `puncia exploit <json-file> <output-directory>`<br>
-4. Store an API key - `puncia storekey <api-key>`<br>
-
-### Bulk Input JSON Format
-```
-{
-    "subdomain": [
-        "domainA.com",
-        "domainB.com"
-    ],
-    "exploit": [
-        "eoidentifierA",
-        "eoidentifierB"
-    ]
-}
-```
+4. Enrich CVE/GHSA Identifiers (enrich) - `puncia enrich <eoidentifier> <output-file>`
+5. Bulk Queries (bulk)- `puncia bulk <json-file> <output-directory>`<br>
+    - Bulk Input JSON File Format
+        ```
+        {
+            "subdomain": [
+                "domainA.com",
+                "domainB.com"
+            ],
+            "exploit": [
+                "eoidentifierA",
+                "eoidentifierB"
+            ],
+            "enrich": [
+                "eoidentifierA",
+                "eoidentifierB"
+            ]
+        }
+        ```
+<br>
 
 ## Noteworthy Mentions
 - [Around 1000 exploitable cybersecurity vulnerabilities that MITRE & NIST ‘might’ have missed but China or Russia didn’t.](https://blog.arpsyndicate.io/over-a-1000-vulnerabilities-that-mitre-nist-might-have-missed-but-china-or-russia-did-not-871b2364a526)

puncia/__main__.py

@@ -8,10 +8,13 @@
 API_URLS = {
     "subdomain": "http://api.subdomain.center/?domain=",
     "exploit": "http://api.exploit.observer/?keyword=",
+    "enrich": "http://api.exploit.observer/?enrich=True&keyword=",
     "auth_subdomain": "http://api.subdomain.center/beta/?auth={0}&domain=",
     "auth_exploit": "http://api.exploit.observer/beta/?auth={0}&keyword=",
+    "auth_enrich": "http://api.exploit.observer/beta/?auth={0}&enrich=True&keyword=",
     "russia": "http://api.exploit.observer/russia/",
     "china": "http://api.exploit.observer/china/",
+    "watchlist": "http://api.exploit.observer/watchlist/",
 }
 
 
@@ -33,12 +36,12 @@ def read_key():
 
 
 def query_api(mode, query, output_file=None, cid=None, akey=""):
-    if len(akey) > 0 and mode in ["exploit", "subdomain"]:
+    if len(akey) > 0 and mode in ["exploit", "subdomain", "enrich"]:
         url = API_URLS.get("auth_" + mode).format(akey)
     else:
         time.sleep(60)
         url = API_URLS.get(mode)
-    if "^" in query:
+    if "^" in query and "exploit" in mode:
         if query == "^RU_NON_CVE":
             url = API_URLS.get("russia")
             query = "noncve"
@@ -49,6 +52,11 @@ def query_api(mode, query, output_file=None, cid=None, akey=""):
             query = "noncve"
             mode = "spec_exploit"
             cid = "Chinese VIDs with no associated CVEs"
+        if query == "^WATCHLIST":
+            url = API_URLS.get("watchlist")
+            query = ""
+            mode = "spec_exploit"
+            cid = "Daily Vulnerability & Exploit Watchlist"
     if not url:
         sys.exit("Invalid Mode")
     response = requests.get(url + query).json()
@@ -77,6 +85,8 @@ def query_api(mode, query, output_file=None, cid=None, akey=""):
                 existing_data = []
             existing_data.extend(response)
             existing_data = list(set(existing_data))
+        elif mode == "enrich":
+            existing_data = response
         elif mode == "exploit":
             if "entries" in existing_data and len(existing_data["entries"]) > 0:
                 for lang in existing_data["entries"]:
@@ -127,13 +137,13 @@ def query_api(mode, query, output_file=None, cid=None, akey=""):
 def main():
     try:
         print("---------")
-        print("Panthera(P.)uncia [v0.19]")
+        print("Panthera(P.)uncia [v0.20]")
         print("A.R.P. Syndicate [https://arpsyndicate.io]")
         print("---------")
 
         if len(sys.argv) < 3:
             sys.exit(
-                "usage: puncia <mode:subdomain/exploit/bulk/storekey> <query:domain/eoidentifier/jsonfile/apikey> [output_file/output_directory]\nrefer: https://github.com/ARPSyndicate/puncia#usage"
+                "usage: puncia <mode:subdomain/exploit/enrich/bulk/storekey> <query:domain/eoidentifier/jsonfile/apikey> [output_file/output_directory]\nrefer: https://github.com/ARPSyndicate/puncia#usage"
             )
 
         mode = sys.argv[1]
@@ -150,6 +160,7 @@ def main():
             if output_file:
                 os.makedirs(output_file + "/subdomain/", exist_ok=True)
                 os.makedirs(output_file + "/exploit/", exist_ok=True)
+                os.makedirs(output_file + "/enrich/", exist_ok=True)
             else:
                 sys.exit("Bulk Mode requires an Output Directory")
             with open(query, "r") as f:
@@ -177,6 +188,17 @@ def main():
                         )
                     except Exception as ne:
                         sys.exit(f"Error: {str(ne)}")
+            if "enrich" in input_file:
+                for bulk_query in input_file["enrich"]:
+                    try:
+                        query_api(
+                            "enrich",
+                            bulk_query,
+                            output_file + "/enrich/" + bulk_query + ".json",
+                            akey=akey,
+                        )
+                    except Exception as ne:
+                        sys.exit(f"Error: {str(ne)}")
 
         elif mode == "storekey":
             store_key(query)

setup.py

@@ -2,7 +2,7 @@
 
 setup(
     name="puncia",
-    version="0.19",
+    version="0.20",
     author="A.R.P. Syndicate",
     author_email="[email protected]",
     keywords="subdomains subdomain exploits exploit arpsyndicate panthera uncia puncia snow leopard",