Vulners


Vulners_CVE

Details

=========================== ============================
Author                      Dmitry Uchakin, Vulners team
Version                     1.0
License                     AGPL-V3
Requires Registration       Yes
Requires Subscription       Yes
Free Subscription Available Yes
DataType Supported          cve
Service Homepage            Vulners_CVE
=========================== ============================

Description

Get information about a CVE from the Vulners vulnerability database.

Configuration

==== ===================
Name Description
==== ===================
key  API key for Vulners
==== ===================

Vulners_IOC

Details

=========================== ============================
Author                      Dmitry Uchakin, Vulners team
Version                     1.0
License                     AGPL-V3
Requires Registration       Yes
Requires Subscription       Yes
Free Subscription Available Yes
DataType Supported          url, domain, ip
Service Homepage            Vulners_IOC
=========================== ============================

Description

Get information from the RST Threat Feed, which is integrated with Vulners, for a domain, URL or IP address.

Configuration

==== ===================
Name Description
==== ===================
key  API key for Vulners
==== ===================

Additional details from the README file:

Vulners-analyzer

This analyzer consists of 2 parts.

  1. Vulners_IOC: the result of a collaboration between Vulners and RST Threat Feed; the idea was to deliver IOC analysis results through a TheHive analyzer: blog post

  2. Vulners_CVE: Vulners has a strong vulnerability database. This data is useful because: “if the case (incident) is related to the exploitation of a vulnerability, then the analyst (manually / automatically) can add it to observables and quickly get all the basic information on it in order to continue analyzing the case.”

A Vulners API key is required.

Setting up analyzer

  • copy the “Vulners” analyzer folder into your Cortex analyzer path

  • install the necessary Python modules from requirements.txt (``pip install -r requirements.txt``)

  • restart Cortex to initialize the new analyzer (``systemctl restart cortex``)

Get your Vulners API key:

.. image:: assets/vulners_api.png
   :target: assets/vulners_api.png
   :alt: Vulners API

Add your Vulners API key in Cortex settings:

.. image:: assets/Cortex_settings.PNG
   :target: assets/Cortex_settings.PNG
   :alt: API key in Cortex

Add Observable type in TheHive

By default TheHive does not have a “cve” observable type, so it has to be added under Administrator Settings:

[Screenshot: add observable]

Run the Analyzer in TheHive

Network IOCs:

Short template:

[Screenshot: Short IOC template]

Long template:

[Screenshot: Long IOC template]

[Screenshot: Long_IOC_threat_template]

Vulnerabilities:

Short template:

[Screenshot: Short CVE template]

Long template:

[Screenshot: Long CVE template]