added cvemon data support

README.md

@@ -60,3 +60,11 @@ For now unauthenticated api over localhost:3000 until I put in some basic token
   get "/trickest_poc_cves/cve/:cve_id", to: "trickest_poc_cves#show_for_cve"
   get "/trickest_poc_cves/years/:year", to: "trickest_poc_cves#show_year"
 ```
+
+#### CvemonCves
+```
+  get "/cvemon_cves", to: "cvemon_cves#index"
+  get "/cvemon_cves/:id", to: "cvemon_cves#show"
+  get "/cvemon_cves/cve/:cve_id", to: "cvemon_cves#show_for_cve"
+  get "/cvemon_cves/years/:year", to: "cvemon_cves#show_year"
+```

app/controllers/cvemon_cves_controller.rb

@@ -0,0 +1,21 @@
+class CvemonCvesController < ApplicationController
+  def index
+    @pocs = CvemonCve.all
+  end
+
+  def show
+    @poc = CvemonCve.find_by(:id => params[:id])
+    render json: @poc.to_json
+  end
+
+  def show_for_cve
+    @poc = CvemonCve.where(:cve_id => params[:cve_id])
+    render json: @poc.to_json
+  end
+
+  def show_year
+    @cves_for_year = CvemonCve.from_year(params[:year])
+    render json: @cves_for_year.to_json
+  end
+
+end

app/models/cvemon_cve.rb

@@ -0,0 +1,5 @@
+class CvemonCve < ActiveRecord::Base
+    def self.from_year(year)
+        where("cve_id LIKE ?", "CVE-#{year}-%")
+    end
+end

app/views/cvemon_cves/index.html.erb

@@ -0,0 +1 @@
+<h1>CvemonCves#index</h1>

app/views/cvemon_cves/show.html.erb

@@ -0,0 +1,2 @@
+<h1> @poc </h1>
+

config/routes.rb

@@ -20,4 +20,9 @@ Rails.application.routes.draw do
   get "/trickest_poc_cves/cve/:cve_id", to: "trickest_poc_cves#show_for_cve"
   get "/trickest_poc_cves/years/:year", to: "trickest_poc_cves#show_year"
 
+  get "/cvemon_cves", to: "cvemon_cves#index"
+  get "/cvemon_cves/:id", to: "cvemon_cves#show"
+  get "/cvemon_cves/cve/:cve_id", to: "cvemon_cves#show_for_cve"
+  get "/cvemon_cves/years/:year", to: "cvemon_cves#show_year"
+
 end

db/migrate/20220407083218_create_cvemon_cves.rb

@@ -0,0 +1,9 @@
+class CreateCvemonCves < ActiveRecord::Migration[7.0]
+  def change
+    create_table :cvemon_cves do |t|
+      t.string :cve_id
+      t.index :cve_id, unique: true
+      t.string :urls, array: true
+    end
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.0].define(version: 2022_04_07_051821) do
+ActiveRecord::Schema[7.0].define(version: 2022_04_07_083218) do
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
 
@@ -24,6 +24,12 @@ ActiveRecord::Schema[7.0].define(version: 2022_04_07_051821) do
     t.index ["nvd_id"], name: "index_cpes_on_nvd_id", unique: true
   end
 
+  create_table "cvemon_cves", force: :cascade do |t|
+    t.string "cve_id"
+    t.string "urls", array: true
+    t.index ["cve_id"], name: "index_cvemon_cves_on_cve_id", unique: true
+  end
+
   create_table "cves", force: :cascade do |t|
     t.jsonb "cve_data_meta"
     t.string "cve_id"

db/seeds.rb

@@ -11,6 +11,7 @@ require '/data_importer/lib/cve_list_importer.rb'
 require '/data_importer/lib/poc_in_github_importer.rb'
 require '/data_importer/lib/inthewild_cve_exploit_importer.rb'
 require '/data_importer/lib/trickest_poc_cve_importer.rb'
+require '/data_importer/lib/cvemon_cve_importer.rb'
 
 def line_sep
   puts '----------' * 12
@@ -21,6 +22,7 @@ def perform
     import_github_pocs
     import_trickest_poc_cves
     import_inthewild_cve_exploits
+    import_cvemon_cves
     import_cpes
 end
 
@@ -49,4 +51,9 @@ def import_trickest_poc_cves
     TrickestPocCveImporter.new.import
 end
 
+def import_cvemon_cves
+    line_sep
+    CvemonCveImporter.new.import
+end
+
 perform

lib/cvemon_cve_importer.rb

@@ -0,0 +1,41 @@
+require 'rest-client'
+require 'json'
+
+class CvemonCveImporter
+    attr_accessor :url
+    def initialize
+        @url = 'https://raw.githubusercontent.com/ARPSyndicate/cvemon/main/data.json'
+    end
+
+    def get_cve_data
+        r = RestClient::Request.execute(
+            :method => :get,
+            :url => url,
+            :headers => {"Content-type": "application/json"}
+        )
+        if r.code == 200
+            JSON.parse(r.body)
+        else
+            puts "HTTP Code #{r.code}"
+        end
+    end
+
+    def bulk_insert(cves)
+        CvemonCve.bulk_insert do |worker|
+          cves.each do |attrs|
+            worker.add(attrs)
+          end
+        end
+    end
+
+    def import
+        feed = get_cve_data
+        cve_ids = feed.keys
+        puts "Now importing CvemonCves."
+        cves = cve_ids.map do |cve_id|
+            { :cve_id => cve_id, :urls => feed[cve_id] }
+        end
+
+        bulk_insert(cves)
+    end
+end

lib/poc_in_github_importer.rb

@@ -107,6 +107,7 @@ class PocInGithubImporter
     end
 
     puts "Now starting import for #{repo_url}."
+    puts '----------' * 12
     (1999..Date.today.year).map do |year|
       cves_from_json = cves_for_year(year)