Python253

is_vulnerable

Apr 8th, 2024
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Filename: is_vulnerable.py
# Version: 1.0.0
# Author: Jeoi Reqi

"""
This script checks for vulnerabilities in installed software by querying the National Vulnerability Database (NVD).
It retrieves a list of installed applications on the system using WMI (Windows Management Instrumentation).
Then, it searches for vulnerabilities associated with each application by scraping the NVD website for exploits.

If vulnerabilities are found for an application, it categorizes it as "Is Vulnerable" and lists the vulnerabilities.
If no vulnerabilities are found, it categorizes the application as "Is Not Vulnerable".

The results are saved to a text file named 'vulnerability_output.txt' in the following format:
Is Vulnerable:
<Application Name>
<Vulnerability 1>
<Vulnerability 2>
...

Is Not Vulnerable:
<Application Name>
<Application Name>
...

Requirements:
Python 3.x:
- The script is written in Python 3 and requires a Python interpreter of version 3 or higher to run.

Requests Library:
- The script uses the requests library to make HTTP requests to the National Vulnerability Database (NVD).
  Ensure that the requests library is installed.
  You can manually install it using pip:

    'pip install requests'

Beautiful Soup Library:
- The script uses the BeautifulSoup library to parse HTML content retrieved from the NVD website.
  Ensure that the beautifulsoup4 library is installed.
  You can manually install it using pip:

    'pip install beautifulsoup4'

WMI Module:
- The script uses the wmi module to interact with the Windows Management Instrumentation (WMI) API to retrieve a list of installed software on a Windows system.
  If you're using a Windows system, the wmi module is likely available by default.
  You can manually install it using pip:

    'pip install WMI'

Internet Connection:
- The script retrieves vulnerability information from the National Vulnerability Database (NVD) hosted by NIST (National Institute of Standards and Technology).
  Therefore, an active internet connection is required for the script to fetch vulnerability data.

Ensure that Python and the required libraries are installed on your system, and that you have an internet connection to fetch vulnerability data from the NVD.
"""

import wmi
import requests
from bs4 import BeautifulSoup

# NVD search page; the query is passed via `params` so product names are URL-encoded
NVD_SEARCH_URL = "https://nvd.nist.gov/vuln/search/results"

def get_installed_software():
    """
    Retrieves a list of installed software on the system using WMI.

    Returns:
        list: A list of strings representing installed software names.
    """
    # Win32_Product only lists MSI-installed products, and enumerating it makes
    # Windows Installer run a consistency check on each package, so this is slow.
    c = wmi.WMI()
    software = []
    for item in c.Win32_Product():
        # Caption can be empty for some entries; skip those
        if item.Caption:
            software.append(item.Caption)
    return software

def get_cve_details(software):
    """
    Retrieves vulnerability details for each software in the provided list.

    Args:
        software (list): A list of strings representing software names.

    Returns:
        dict: A dictionary where keys are software names and values are lists of associated vulnerabilities.
    """
    cve_details = {}
    for item in software:
        print(f"Retrieving vulnerabilities for {item}...")
        # Search for vulnerabilities in NVD using the software name.
        # This is a keyword match on the name only (no version is sent),
        # so every hit is a candidate to review, not a confirmed finding.
        params = {
            "form_type": "Advanced",
            "results_type": "overview",
            "query": item,
            "search_type": "all",
        }
        try:
            response = requests.get(NVD_SEARCH_URL, params=params, timeout=30)
        except requests.RequestException:
            # Network errors are handled like a non-200 response below
            response = None
        if response is not None and response.status_code == 200:
            soup = BeautifulSoup(response.content, "html.parser")
            # Extract vulnerability details
            vuln_entries = soup.find_all("tr", class_="srrowns")
            # Take the text of the first link in each row; skip rows without a link
            links = [entry.find("a") for entry in vuln_entries]
            found = [link.text.strip() for link in links if link is not None]
            cve_details[item] = found or None  # None if no vulnerabilities found
        else:
            # This is a non-empty list, so the caller lists the application
            # under "Is Vulnerable" with the failure text as its only entry.
            cve_details[item] = ["\nFailed to retrieve vulnerability information.\n"]
    return cve_details

if __name__ == "__main__":
    print("\nGathering List Of Your Installed Applications...\n")
    installed_software = get_installed_software()
    print("\nGathering List Of Applications Is Complete!\n")
    vulnerable_software = []
    not_vulnerable_software = []
    print("\nRetrieving (NVD) Vulnerability & Exploit Data From NIST:\nThis May Take Some Time To Process...\n")

    if installed_software:
        software_vulnerabilities = get_cve_details(installed_software)
        for software, vulnerabilities in software_vulnerabilities.items():
            if vulnerabilities is not None and vulnerabilities != []:
                vulnerable_software.append((software, vulnerabilities))
            else:
                not_vulnerable_software.append(software)

    # Save output to file
    with open("vulnerability_output.txt", "w", encoding="utf-8") as f:
        # Write Vulnerable Software
        f.write("Is Vulnerable:\n")
        if vulnerable_software:
            for software, vulnerabilities in vulnerable_software:
                f.write(software + "\n")
                if vulnerabilities:
                    for vuln in vulnerabilities:
                        f.write(vuln + "\n")
                else:
                    f.write("No Known Vulnerabilities Found!\n")
                f.write("\n")
        else:
            f.write("No Known Vulnerabilities Found!\n")
        f.write("\n")

        # Write Non Vulnerable Software
        f.write("Is Not Vulnerable:\n")
        for software in not_vulnerable_software:
            f.write(software + "\n")

    print("\nOutput saved to vulnerability_output.txt\n\nGoodBye!\n")
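Two behaviours worth checking in a scanner like this one are what a product name turns into when it is interpolated into the query string without encoding, and how a failed lookup is reported (a failure returned as a non-empty list ends up under "Is Vulnerable"). The block below is an added example, not part of the original paste; `classify`, `fake_lookup`, the sample product names and the placeholder CVE id are constructed for illustration, and standard form decoding of the URL is assumed.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

NVD_SEARCH = "https://nvd.nist.gov/vuln/search/results"  # search page the script queries

def naive_url(name):
    """Product name interpolated into the query string with an f-string."""
    return (f"{NVD_SEARCH}?form_type=Advanced&results_type=overview"
            f"&query={name}&search_type=all")

def encoded_url(name):
    """Same request with the product name percent-encoded."""
    return NVD_SEARCH + "?" + urlencode({
        "form_type": "Advanced", "results_type": "overview",
        "query": name, "search_type": "all"})

def query_after_decoding(url):
    """The 'query' value left after standard form decoding of the URL."""
    return parse_qs(urlsplit(url).query).get("query", [""])[0]

def classify(names, lookup):
    """Sort names into three buckets. `lookup(name)` (hypothetical interface)
    returns a list of CVE ids or raises OSError when the request fails;
    requests.RequestException is a subclass of OSError."""
    report = {"vulnerable": {}, "not_vulnerable": [], "lookup_failed": []}
    for name in names:
        try:
            cves = lookup(name)
        except OSError:
            report["lookup_failed"].append(name)  # unknown, not "vulnerable"
            continue
        if cves:
            report["vulnerable"][name] = cves
        else:
            report["not_vulnerable"].append(name)
    return report

# Constructed sample data standing in for WMI output and NVD responses.
SAMPLE_RESULTS = {"Notepad++": ["CVE-0000-0001"], "AT&T Connect": []}

def fake_lookup(name):
    if name not in SAMPLE_RESULTS:
        raise ConnectionError("simulated network failure")
    return SAMPLE_RESULTS[name]

if __name__ == "__main__":
    for name in SAMPLE_RESULTS:
        print(repr(name), "->", repr(query_after_decoding(naive_url(name))),
              "vs", repr(query_after_decoding(encoded_url(name))))
    print(classify(["Notepad++", "AT&T Connect", "Example Tool"], fake_lookup))
```

With the unencoded URL, `+` decodes to a space and `&` ends the parameter, so the search runs on a different string than the installed product's name.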