javokhir-sec/cve-scanner

GitHub: javokhir-sec/cve-scanner

一款基于 Python 的实时 CVE 监控工具,针对用户实际技术栈轮询多个漏洞数据源并提供即时告警与自动报告。

Stars: 1 | Forks: 0

# 📡 CVE Scanner — 实时漏洞监控器

## 💡 什么是 CVE Scanner? 跟踪您实际技术栈中的漏洞 — 而不仅仅是通用的 CVE 订阅源: - 📡 **实时监控** — 轮询 NVD、GitHub Advisory、Exploit-DB - 🎯 **针对特定技术栈** — 扫描影响您所用技术的 CVE - ⚡ **即时警报** — Telegram、Discord、Slack、电子邮件 - 📊 **自动报告** — 每周漏洞摘要 - 🔗 **支持 CI/CD** — 集成 GitHub Actions、GitLab CI ## 🚀 快速开始 ``` git clone https://github.com/javokhir-sec/cve-scanner.git cd cve-scanner pip install -r requirements.txt # 扫描你的 stack python cvescan.py --stack php,mysql,apache,wordpress --versions "8.1,8.0,2.4,6.2" # Monitor mode(每小时检查一次) python cvescan.py --monitor --stack nginx,postgres,redis,django --versions "1.24,15,7,4.2" # 生成报告 python cvescan.py --report --stack your-stack.json --output weekly-report.html ``` ## ⚙️ 配置 ``` # cve-scanner.yml stack: - name: php version: "8.1" - name: mysql version: "8.0" - name: apache version: "2.4" - name: wordpress version: "6.2" alerts: telegram: true discord: true email: "security@example.com" schedule: "0 */6 * * *" # Every 6 hours thresholds: critical: alert # Immediate alert for critical high: alert # Immediate alert for high medium: daily # Daily digest low: weekly # Weekly report ``` ## 📊 示例输出 ``` 📡 CVE Scanner v1.0 — Checking your stack... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Stack: PHP 8.1, MySQL 8.0, Apache 2.4, WordPress 6.2 Last check: 2026-07-01 14:00 UTC 🔴 NEW CRITICAL CVEs (2): → CVE-2026-XXXXX | WordPress 6.2 | RCE | CVSS 9.8 https://nvd.nist.gov/vuln/detail/CVE-2026-XXXXX → CVE-2026-YYYYY | PHP 8.1 | Buffer Overflow | CVSS 9.1 🟠 NEW HIGH CVEs (1): → CVE-2026-ZZZZZ | MySQL 8.0 | Priv Escalation | CVSS 8.4 📊 SUMMARY: Total monitored: 4 products Vulnerable: 2 products (WordPress, PHP) New CVEs: 3 (2 Critical, 1 High) ⚡ Alert sent via Telegram + Discord! 📝 Report: reports/cve-scan-2026-07-01.html ``` ## 📜 许可证 MIT © [Javokhir Tursunboyev](https://github.com/javokhir-sec)
标签:CVE, LNA, PB级数据处理, Python, 告警通知, 安全运维, 数字签名, 无后门, 漏洞监控, 自动化报告, 逆向工具