# data_importer

Import common security data such as CVE, CPE, and Advisories from various CNAs into a rails rails app with a postgresql db backend.

## Supported data models:
- `Cve` data from [cve_list](https://github.com/CVEProject/cvelist) mitre.
- `Cpe` data from [nvd](https://nvd.nist.gov/products/cpe) 2.2 format.
- `GithubPoc` data from [nomi-sec](https://github.com/nomi-sec/PoC-in-GitHub).
- `InthewildCveExploit` data from [inthewild.io](https://inthewild.io/api/exploited) exploited feed.

## Initial Setup

### Build container
`docker-compose build`

### Database creation and seeding initial data
```
docker-compose run web rake db:create
docker-compose run web rake db:migrate
docker-compose run web rake db:seed
```

### Launch Pry console
`docker-compose run web rails console`

### HTTP API

#### Cves
```
  get "/cves", to: "cves#index"
  get "/cves/:cve_id", to: "cves#show"
  get "/cves/years/:year", to: "cves#show_year"
```
#### Cpes
```
  get "/cpes", to: "cpes#index"
  get "/cpes/:id", to: "cpes#show"
```

#### GithubPocs
```
  get "/github_pocs", to: "github_pocs#index"
  get "/github_pocs/:id", to: "github_pocs#show"
  get "/github_pocs/cve/:cve_id", to: "github_pocs#show_for_cve"
```

#### InthewildCveExploits
```
  get "/inthewild_cve_exploits", to: "inthewild_cve_exploits#index"
  get "/inthewild_cve_exploits/:cve_id", to: "inthewild_cve_exploits#show"
```