From 67f575bd7349542ae324900758d471115b87c09a Mon Sep 17 00:00:00 2001
From: g147 <26509147+g147@users.noreply.github.com>
Date: Tue, 16 Jul 2024 09:58:51 +0530
Subject: [PATCH] puncia[0.20]
---
README.md | 42 ++++++++++++++++++++++++------------------
puncia/__main__.py | 30 ++++++++++++++++++++++++++----
setup.py | 2 +-
3 files changed, 51 insertions(+), 23 deletions(-)
diff --git a/README.md b/README.md
index db40750..1ea323b 100644
--- a/README.md
+++ b/README.md
@@ -20,27 +20,33 @@ Puncia utilizes two of our intelligent APIs to gather the results -
2. From Source - `pip3 install .`
## Usage
-1. Query Domains - `puncia subdomain `
-2. Query Exploit & Vulnerability Identifiers - `puncia exploit `
+1. Store an API key (storekey) - `puncia storekey `
+2. Query Domains (subdomain) - `puncia subdomain `
+3. Query Exploit & Vulnerability Identifiers (exploit) - `puncia exploit `
- Russian VIDs with no associated CVEs (^RU_NON_CVE)
- Chinese VIDs with no associated CVEs (^CN_NON_CVE)
+ - Daily Vulnerability & Exploit Watchlist (^WATCHLIST)
- [Supported Vulnerability Identifiers](https://github.com/ARPSyndicate/docs?tab=readme-ov-file#supported-vulnerability-identifiers)
-3. Bulk Queries - `puncia exploit `
-4. Store an API key - `puncia storekey `
-
-### Bulk Input JSON Format
-```
-{
- "subdomain": [
- "domainA.com",
- "domainB.com"
- ],
- "exploit": [
- "eoidentifierA",
- "eoidentifierB"
- ]
-}
-```
+4. Enrich CVE/GHSA Identifiers (enrich) - `puncia enrich `
+5. Bulk Queries (bulk)- `puncia bulk `
+ - Bulk Input JSON File Format
+ ```
+ {
+ "subdomain": [
+ "domainA.com",
+ "domainB.com"
+ ],
+ "exploit": [
+ "eoidentifierA",
+ "eoidentifierB"
+ ],
+ "enrich": [
+ "eoidentifierA",
+ "eoidentifierB"
+ ]
+ }
+ ```
+
## Noteworthy Mentions
- [Around 1000 exploitable cybersecurity vulnerabilities that MITRE & NIST ‘might’ have missed but China or Russia didn’t.](https://blog.arpsyndicate.io/over-a-1000-vulnerabilities-that-mitre-nist-might-have-missed-but-china-or-russia-did-not-871b2364a526)
diff --git a/puncia/__main__.py b/puncia/__main__.py
index e6bae11..ee1fca7 100755
--- a/puncia/__main__.py
+++ b/puncia/__main__.py
@@ -8,10 +8,13 @@
API_URLS = {
"subdomain": "http://api.subdomain.center/?domain=",
"exploit": "http://api.exploit.observer/?keyword=",
+ "enrich": "http://api.exploit.observer/?enrich=True&keyword=",
"auth_subdomain": "http://api.subdomain.center/beta/?auth={0}&domain=",
"auth_exploit": "http://api.exploit.observer/beta/?auth={0}&keyword=",
+ "auth_enrich": "http://api.exploit.observer/beta/?auth={0}&enrich=True&keyword=",
"russia": "http://api.exploit.observer/russia/",
"china": "http://api.exploit.observer/china/",
+ "watchlist": "http://api.exploit.observer/watchlist/",
}
@@ -33,12 +36,12 @@ def read_key():
def query_api(mode, query, output_file=None, cid=None, akey=""):
- if len(akey) > 0 and mode in ["exploit", "subdomain"]:
+ if len(akey) > 0 and mode in ["exploit", "subdomain", "enrich"]:
url = API_URLS.get("auth_" + mode).format(akey)
else:
time.sleep(60)
url = API_URLS.get(mode)
- if "^" in query:
+ if "^" in query and "exploit" in mode:
if query == "^RU_NON_CVE":
url = API_URLS.get("russia")
query = "noncve"
@@ -49,6 +52,11 @@ def query_api(mode, query, output_file=None, cid=None, akey=""):
query = "noncve"
mode = "spec_exploit"
cid = "Chinese VIDs with no associated CVEs"
+ if query == "^WATCHLIST":
+ url = API_URLS.get("watchlist")
+ query = ""
+ mode = "spec_exploit"
+ cid = "Daily Vulnerability & Exploit Watchlist"
if not url:
sys.exit("Invalid Mode")
response = requests.get(url + query).json()
@@ -77,6 +85,8 @@ def query_api(mode, query, output_file=None, cid=None, akey=""):
existing_data = []
existing_data.extend(response)
existing_data = list(set(existing_data))
+ elif mode == "enrich":
+ existing_data = response
elif mode == "exploit":
if "entries" in existing_data and len(existing_data["entries"]) > 0:
for lang in existing_data["entries"]:
@@ -127,13 +137,13 @@ def query_api(mode, query, output_file=None, cid=None, akey=""):
def main():
try:
print("---------")
- print("Panthera(P.)uncia [v0.19]")
+ print("Panthera(P.)uncia [v0.20]")
print("A.R.P. Syndicate [https://arpsyndicate.io]")
print("---------")
if len(sys.argv) < 3:
sys.exit(
- "usage: puncia [output_file/output_directory]\nrefer: https://github.com/ARPSyndicate/puncia#usage"
+ "usage: puncia [output_file/output_directory]\nrefer: https://github.com/ARPSyndicate/puncia#usage"
)
mode = sys.argv[1]
@@ -150,6 +160,7 @@ def main():
if output_file:
os.makedirs(output_file + "/subdomain/", exist_ok=True)
os.makedirs(output_file + "/exploit/", exist_ok=True)
+ os.makedirs(output_file + "/enrich/", exist_ok=True)
else:
sys.exit("Bulk Mode requires an Output Directory")
with open(query, "r") as f:
@@ -177,6 +188,17 @@ def main():
)
except Exception as ne:
sys.exit(f"Error: {str(ne)}")
+ if "enrich" in input_file:
+ for bulk_query in input_file["enrich"]:
+ try:
+ query_api(
+ "enrich",
+ bulk_query,
+ output_file + "/enrich/" + bulk_query + ".json",
+ akey=akey,
+ )
+ except Exception as ne:
+ sys.exit(f"Error: {str(ne)}")
elif mode == "storekey":
store_key(query)
diff --git a/setup.py b/setup.py
index 581786c..2dc071f 100644
--- a/setup.py
+++ b/setup.py
@@ -2,7 +2,7 @@
setup(
name="puncia",
- version="0.19",
+ version="0.20",
author="A.R.P. Syndicate",
author_email="ayush@arpsyndicate.io",
keywords="subdomains subdomain exploits exploit arpsyndicate panthera uncia puncia snow leopard",