Skip to content

Commit

Permalink
puncia[0.16]
Browse files Browse the repository at this point in the history
  • Loading branch information
g147 committed May 21, 2024
1 parent 4a59ae7 commit e6ec8ee
Show file tree
Hide file tree
Showing 3 changed files with 73 additions and 34 deletions.
59 changes: 31 additions & 28 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,34 +36,37 @@ Puncia utilizes two of our intelligent APIs to gather the results - <br>
```

## Supported EOIdentifiers
1. Common Vulnerabilities and Exposures (CVE) - [`puncia exploit CVE-2021-3450`](https://api.exploit.observer/?keyword=CVE-2021-3450)
2. Russian Data Bank of Information Security Threats (BDU) - [`puncia exploit BDU:2024-00390`](https://api.exploit.observer/?keyword=BDU:2024-00390)
3. China National Vulnerability Database (CNVD) - [`puncia exploit CNVD-2024-02713`](https://api.exploit.observer/?keyword=CNVD-2024-02713)
4. China National Vulnerability Database of Information Security (CNNVD) - [`puncia exploit CNNVD-202312-2255`](https://api.exploit.observer/?keyword=CNNVD-202312-2255)
5. Japan Vulnerability Notes iPedia (JVNDB) - [`puncia exploit JVNDB-2023-006199`](https://api.exploit.observer/?keyword=JVNDB-2023-006199)
6. CSA Global Security Database (GSD) - [`puncia exploit GSD-2021-3450`](https://api.exploit.observer/?keyword=GSD-2021-3450)
7. GitHub Security Advisories (GHSA) - [`puncia exploit GHSA-wfh5-x68w-hvw2`](https://api.exploit.observer/?keyword=GHSA-wfh5-x68w-hvw2)
8. GitHub Commits (GHCOMMIT) - [`puncia exploit GHCOMMIT-102448040d5132460e3b0013e03ebedec0677e00`](https://api.exploit.observer/?keyword=GHCOMMIT-102448040d5132460e3b0013e03ebedec0677e00)
9. Veracode SourceClear Vulnerability Database (SRCCLR-SID) - [`puncia exploit SRCCLR-SID-3173`](https://api.exploit.observer/?keyword=SRCCLR-SID-3173)
10. Snyk Vulnerability Database (SNYK) - [`puncia exploit SNYK-JAVA-ORGCLOJURE-5740378`](https://api.exploit.observer/?keyword=SNYK-JAVA-ORGCLOJURE-5740378)
11. OffSec Exploit Database (EDB) - [`puncia exploit EDB-10102`](https://api.exploit.observer/?keyword=EDB-10102)
12. 0Day Today (0DAY-ID) - [`puncia exploit 0DAY-ID-24705`](https://api.exploit.observer/?keyword=0DAY-ID-24705)
13. Knownsec Seebug (SSVID) - [`puncia exploit SSVID-99817`](https://api.exploit.observer/?keyword=SSVID-99817)
14. Trend Micro Zero Day Initiative (ZDI) - [`puncia exploit ZDI-23-1714`](https://api.exploit.observer/?keyword=ZDI-23-1714)
15. Packet Storm Security (PSS) - [`puncia exploit PSS-170615`](https://api.exploit.observer/?keyword=PSS-170615)
16. CXSecurity World Laboratory of Bugtraq (WLB) - [`puncia exploit WLB-2024010058`](https://api.exploit.observer/?keyword=WLB-2024010058)
17. Rapid7 Metasploit Framework (MSF) - [`puncia exploit MSF/auxiliary_admin/2wire/xslt_password_reset`](https://api.exploit.observer/?keyword=MSF/auxiliary_admin/2wire/xslt_password_reset)
18. ProjectDiscovery Nuclei (PD) - [`puncia exploit PD/http/cves/2020/CVE-2020-12720`](https://api.exploit.observer/?keyword=PD/http/cves/2020/CVE-2020-12720)
19. Hackerone Hacktivity (H1) - [`puncia exploit H1-2230915`](https://api.exploit.observer/?keyword=H1-2230915)
20. Cisco Talos (TALOS) - [`puncia exploit TALOS-2023-1896`](https://api.exploit.observer/?keyword=TALOS-2023-1896)
21. ProtectAI Huntr (HUNTR) - [`puncia exploit HUNTR-001d1c29-805a-4035-93bb-71a0e81da3e5`](https://api.exploit.observer/?keyword=HUNTR-001d1c29-805a-4035-93bb-71a0e81da3e5)
22. WP Engine WPScan (WPSCAN) - [`puncia exploit WPSCAN-52568abd-c509-411e-8391-c75e7613eb42`](https://api.exploit.observer/?keyword=WPSCAN-52568abd-c509-411e-8391-c75e7613eb42)
23. Defiant Wordfence (WORDFENCE) - [`puncia exploit WORDFENCE-00086b84-c1ec-447a-a536-1c73eac1cc85`](https://api.exploit.observer/?keyword=WORDFENCE-00086b84-c1ec-447a-a536-1c73eac1cc85)
24. YouTube (YT) - [`puncia exploit YT/ccqjhUmwLCk`](https://api.exploit.observer/?keyword=YT/ccqjhUmwLCk)
25. Zero Science Lab (ZSL) - [`puncia exploit ZSL-2022-5743`](https://api.exploit.observer/?keyword=ZSL-2022-5743)
26. VARIoT Exploits (VAR-E) - [`puncia exploit VAR-E-201704-0525`](https://api.exploit.observer/?keyword=VAR-E-201704-0525)
27. VARIoT Vulnerabilities (VAR) - [`puncia exploit VAR-202404-0085`](https://api.exploit.observer/?keyword=VAR-202404-0085)
28. Technologies/Keywords (No Prefix) - [`puncia exploit grafana`](https://api.exploit.observer/?keyword=grafana)<br>
1. A.R.P. Syndicate Vulnerability & Exploit Data Aggregation System (VEDAS) - [`puncia exploit VEDAS:OBLIVIONHAWK`](https://api.exploit.observer/?keyword=VEDAS:OBLIVIONHAWK)
2. Common Vulnerabilities and Exposures (CVE) - [`puncia exploit CVE-2021-3450`](https://api.exploit.observer/?keyword=CVE-2021-3450)
3. Russian Data Bank of Information Security Threats (BDU) - [`puncia exploit BDU:2024-00390`](https://api.exploit.observer/?keyword=BDU:2024-00390)
4. China National Vulnerability Database (CNVD) - [`puncia exploit CNVD-2024-02713`](https://api.exploit.observer/?keyword=CNVD-2024-02713)
5. China National Vulnerability Database of Information Security (CNNVD) - [`puncia exploit CNNVD-202312-2255`](https://api.exploit.observer/?keyword=CNNVD-202312-2255)
6. Japan Vulnerability Notes iPedia (JVNDB) - [`puncia exploit JVNDB-2023-006199`](https://api.exploit.observer/?keyword=JVNDB-2023-006199)
7. CSA Global Security Database (GSD) - [`puncia exploit GSD-2021-3450`](https://api.exploit.observer/?keyword=GSD-2021-3450)
8. GitHub Security Advisories (GHSA) - [`puncia exploit GHSA-wfh5-x68w-hvw2`](https://api.exploit.observer/?keyword=GHSA-wfh5-x68w-hvw2)
9. GitHub Commits (GHCOMMIT) - [`puncia exploit GHCOMMIT-102448040d5132460e3b0013e03ebedec0677e00`](https://api.exploit.observer/?keyword=GHCOMMIT-102448040d5132460e3b0013e03ebedec0677e00)
10. Veracode SourceClear Vulnerability Database (SRCCLR-SID) - [`puncia exploit SRCCLR-SID-3173`](https://api.exploit.observer/?keyword=SRCCLR-SID-3173)
11. Snyk Vulnerability Database (SNYK) - [`puncia exploit SNYK-JAVA-ORGCLOJURE-5740378`](https://api.exploit.observer/?keyword=SNYK-JAVA-ORGCLOJURE-5740378)
12. OffSec Exploit Database (EDB) - [`puncia exploit EDB-10102`](https://api.exploit.observer/?keyword=EDB-10102)
13. 0Day Today (0DAY-ID) - [`puncia exploit 0DAY-ID-24705`](https://api.exploit.observer/?keyword=0DAY-ID-24705)
14. Knownsec Seebug (SSVID) - [`puncia exploit SSVID-99817`](https://api.exploit.observer/?keyword=SSVID-99817)
15. Trend Micro Zero Day Initiative (ZDI) - [`puncia exploit ZDI-23-1714`](https://api.exploit.observer/?keyword=ZDI-23-1714)
16. Packet Storm Security (PSS) - [`puncia exploit PSS-170615`](https://api.exploit.observer/?keyword=PSS-170615)
17. CXSecurity World Laboratory of Bugtraq (WLB) - [`puncia exploit WLB-2024010058`](https://api.exploit.observer/?keyword=WLB-2024010058)
18. Rapid7 Metasploit Framework (MSF) - [`puncia exploit MSF/auxiliary_admin/2wire/xslt_password_reset`](https://api.exploit.observer/?keyword=MSF/auxiliary_admin/2wire/xslt_password_reset)
19. ProjectDiscovery Nuclei (PD) - [`puncia exploit PD/http/cves/2020/CVE-2020-12720`](https://api.exploit.observer/?keyword=PD/http/cves/2020/CVE-2020-12720)
20. Hackerone Hacktivity (H1) - [`puncia exploit H1-2230915`](https://api.exploit.observer/?keyword=H1-2230915)
21. Cisco Talos (TALOS) - [`puncia exploit TALOS-2023-1896`](https://api.exploit.observer/?keyword=TALOS-2023-1896)
22. ProtectAI Huntr (HUNTR) - [`puncia exploit HUNTR-001d1c29-805a-4035-93bb-71a0e81da3e5`](https://api.exploit.observer/?keyword=HUNTR-001d1c29-805a-4035-93bb-71a0e81da3e5)
23. WP Engine WPScan (WPSCAN) - [`puncia exploit WPSCAN-52568abd-c509-411e-8391-c75e7613eb42`](https://api.exploit.observer/?keyword=WPSCAN-52568abd-c509-411e-8391-c75e7613eb42)
24. Defiant Wordfence (WORDFENCE) - [`puncia exploit WORDFENCE-00086b84-c1ec-447a-a536-1c73eac1cc85`](https://api.exploit.observer/?keyword=WORDFENCE-00086b84-c1ec-447a-a536-1c73eac1cc85)
25. YouTube (YT) - [`puncia exploit YT/ccqjhUmwLCk`](https://api.exploit.observer/?keyword=YT/ccqjhUmwLCk)
26. Zero Science Lab (ZSL) - [`puncia exploit ZSL-2022-5743`](https://api.exploit.observer/?keyword=ZSL-2022-5743)
27. VARIoT Exploits (VAR-E) - [`puncia exploit VAR-E-201704-0525`](https://api.exploit.observer/?keyword=VAR-E-201704-0525)
28. VARIoT Vulnerabilities (VAR) - [`puncia exploit VAR-202404-0085`](https://api.exploit.observer/?keyword=VAR-202404-0085)
29. Russian VIDs with no associated CVEs (^RU_NON_CVE) - [`puncia exploit ^RU_NON_CVE`](http://api.exploit.observer/russia/noncve)<br>
30. Chinese VIDs with no associated CVEs (^CN_NON_CVE) - [`puncia exploit ^CN_NON_CVE`](http://api.exploit.observer/china/noncve)<br>
31. Technologies/Keywords (No Prefix) - [`puncia exploit grafana`](https://api.exploit.observer/?keyword=grafana)<br>


## Noteworthy Mentions
Expand Down
46 changes: 41 additions & 5 deletions puncia/__main__.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,25 @@
API_URLS = {
"subdomain": "http://api.subdomain.center/?domain=",
"exploit": "http://api.exploit.observer/?keyword=",
"russia": "http://api.exploit.observer/russia/",
"china": "http://api.exploit.observer/china/",
}


def query_api(mode, query, output_file=None):
time.sleep(3)
def query_api(mode, query, output_file=None, cid=None):
time.sleep(6)
url = API_URLS.get(mode)
if "^" in query:
if query == "^RU_NON_CVE":
url = API_URLS.get("russia")
query = "noncve"
mode = "spec_exploit"
cid = "Russian VIDs with no associated CVEs"
if query == "^CN_NON_CVE":
url = API_URLS.get("china")
query = "noncve"
mode = "spec_exploit"
cid = "Chinese VIDs with no associated CVEs"
if not url:
sys.exit("Invalid Mode")

Expand All @@ -23,13 +36,20 @@ def query_api(mode, query, output_file=None):
return
result = json.dumps(response, indent=4, sort_keys=True)
print(result)

if mode in ["spec_exploit"]:
for reurl in response:
query_api(
"exploit",
reurl.replace("https://api.exploit.observer/?keyword=", ""),
output_file,
cid,
)
return
if output_file:
existing_data = {}
if os.path.isfile(output_file):
with open(output_file, "r") as f:
existing_data = json.load(f)

if mode == "subdomain":
if len(existing_data) == 0:
existing_data = []
Expand All @@ -46,9 +66,18 @@ def query_api(mode, query, output_file=None):
existing_data["entries"][lang].sort()
else:
existing_data = response
if "clusters" in existing_data:
existing_data_clusters = existing_data.get("clusters", [])
existing_data_clusters.extend(response.get("clusters", []))
existing_data["clusters"] = list(set(existing_data_clusters))
existing_data["clusters"].sort()
total_entries = 0
for lang in existing_data["entries"]:
total_entries = len(existing_data["entries"][lang]) + total_entries
if "priority" in existing_data:
existing_data["priority"] = (
response.get("priority", 1) + existing_data["priority"]
) / 2
if len(existing_data["description"]) > 0:
if "description" in response and len(response["description"]) > 0:
existing_data["description"] = response["description"]
Expand All @@ -62,14 +91,21 @@ def query_api(mode, query, output_file=None):
str(len(existing_data["entries"])) + " file formats",
existing_data["description"],
)
if cid:
existing_data["description"] = re.sub(
r"(?<=related to\s)[^.]+(?=\.)",
cid,
existing_data["description"],
)

with open(output_file, "w") as f:
json.dump(existing_data, f, indent=4, sort_keys=True)


def main():
try:
print("---------")
print("Panthera(P.)uncia [v0.15]")
print("Panthera(P.)uncia [v0.16]")
print("A.R.P. Syndicate [https://arpsyndicate.io]")
print("Subdomain Center [https://subdomain.center]")
print("Exploit Observer [https://exploit.observer]")
Expand Down
2 changes: 1 addition & 1 deletion setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

setup(
name="puncia",
version="0.15",
version="0.16",
author="A.R.P. Syndicate",
author_email="[email protected]",
keywords="subdomains subdomain exploits exploit arpsyndicate panthera uncia puncia snow leopard",
Expand Down

0 comments on commit e6ec8ee

Please sign in to comment.