Python SDK to access the vulnerability database

Installation

It's possible to install the latest stable release from pypi:

pip install vulndb

Or if you're interested in the latest version from our repository:

git clone https://github.com/vulndb/python-sdk.git
python setup.py install

Usage

>>> from vulndb import DBVuln
>>> dbv = DBVuln.from_id(42)
>>> dbv.title
'SQL Injection'
>>> dbv.description
'A long and actionable description for SQL injection ...'
>>> dbv.fix_guidance
'Explains the developer how to fix SQL injections, usually a couple of <p> long ...'
>>> dbv.severity
'high'
>>> r = dbv.references[0]
>>> r.url
'http://example.com/sqli-description.html'
>>> r.title
'SQL injection cheat-sheet'

More attributes, methods and helpers are well documented and available in the source code.

Contributing

Send your pull requests with improvements and bug fixes, making sure that all tests PASS:

$ cd python-sdk
$ virtualenv venv
$ . venv/bin/activate
$ pip install -r vulndb/requirements-dev.txt
$ nosetests vulndb/
..........
----------------------------------------------------------------------
Ran 10 tests in 0.355s

OK

Updating the database

This package embeds the vulnerability database in the vulndb/db/ directory. To update the database with new information follow these steps:

# Update the database
tools/update-db.sh

After updating the database it's a good idea to publish the latest at pypi using:

rm -rf dist/
python setup.py sdist bdist_wheel
twine check dist/*
twine upload dist/*