bpmcdevitt/security_tools
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

added submodule for cvelist project and a json of the count of cna per cve-id

Browse source
This commit is contained in:
Brendan McDevitt 2022-03-01 23:52:31 -06:00
parent da2589fbcf
commit 8b79305e52
4 changed files with 784 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitmodules vendored Normal file
View file

@ -0,0 +1,3 @@
[submodule "tools/cvelist"]
path = tools/cvelist
url = https://github.com/CVEProject/cvelist

774
tools/cve_cna_security_advisories/cna_count_for_all_cves.json Normal file
View file

@ -0,0 +1,774 @@
[
{
"cna": "cve@mitre.org",
"count": 144427
},
{
"cna": "secalert@redhat.com",
"count": 9077
},
{
"cna": "secure@microsoft.com",
"count": 7405
},
{
"cna": "secalert_us@oracle.com",
"count": 7012
},
{
"cna": "psirt@cisco.com",
"count": 4889
},
{
"cna": "psirt@us.ibm.com",
"count": 4687
},
{
"cna": "product-security@apple.com",
"count": 4353
},
{
"cna": "psirt@adobe.com",
"count": 4105
},
{
"cna": "security@android.com",
"count": 3178
},
{
"cna": "cert@cert.org",
"count": 2831
},
{
"cna": "ics-cert@hq.dhs.gov",
"count": 2015
},
{
"cna": "vultures@jpcert.or.jp",
"count": 1920
},
{
"cna": "product-security@qualcomm.com",
"count": 1890
},
{
"cna": "security-advisories@github.com",
"count": 1819
},
{
"cna": "security@google.com",
"count": 1747
},
{
"cna": "security@mozilla.org",
"count": 1411
},
{
"cna": "talos-cna@cisco.com",
"count": 1243
},
{
"cna": "psirt@huawei.com",
"count": 1168
},
{
"cna": "zdi-disclosures@trendmicro.com",
"count": 1104
},
{
"cna": "support@hackerone.com",
"count": 1040
},
{
"cna": "contact@wpscan.com",
"count": 957
},
{
"cna": "secure@intel.com",
"count": 945
},
{
"cna": "security@apache.org",
"count": 843
},
{
"cna": "jenkinsci-cert@googlegroups.com",
"count": 742
},
{
"cna": "chrome-cve-admin@google.com",
"count": 729
},
{
"cna": "security-alert@hpe.com",
"count": 728
},
{
"cna": "hp-security-alert@hp.com",
"count": 721
},
{
"cna": "cna@sap.com",
"count": 700
},
{
"cna": "security_alert@emc.com",
"count": 668
},
{
"cna": "productcert@siemens.com",
"count": 662
},
{
"cna": "security@debian.org",
"count": 631
},
{
"cna": "PSIRT-CNA@flexerasoftware.com",
"count": 488
},
{
"cna": "report@snyk.io",
"count": 469
},
{
"cna": "f5sirt@f5.com",
"count": 467
},
{
"cna": "sirt@juniper.net",
"count": 461
},
{
"cna": "cybersecurity@schneider-electric.com",
"count": 453
},
{
"cna": "security@microfocus.com",
"count": 404
},
{
"cna": "security@huntr.dev",
"count": 379
},
{
"cna": "psirt@nvidia.com",
"count": 367
},
{
"cna": "vulnreport@tenable.com",
"count": 355
},
{
"cna": "secure@dell.com",
"count": 340
},
{
"cna": "security@atlassian.com",
"count": 326
},
{
"cna": "cve@gitlab.com",
"count": 316
},
{
"cna": "security@ubuntu.com",
"count": 294
},
{
"cna": "security@trendmicro.com",
"count": 293
},
{
"cna": "security@vmware.com",
"count": 285
},
{
"cna": "psirt@fortinet.com",
"count": 283
},
{
"cna": "secure@symantec.com",
"count": 271
},
{
"cna": "cve@cert.org.tw",
"count": 260
},
{
"cna": "psirt@mcafee.com",
"count": 245
},
{
"cna": "mobile.security@samsung.com",
"count": 242
},
{
"cna": "psirt@lenovo.com",
"count": 197
},
{
"cna": "security@wordfence.com",
"count": 178
},
{
"cna": "psirt@paloaltonetworks.com",
"count": 160
},
{
"cna": "security@synology.com",
"count": 158
},
{
"cna": "cve-assign@distributedweaknessfiling.org",
"count": 157
},
{
"cna": "security@qnap.com",
"count": 150
},
{
"cna": "vuln@krcert.or.kr",
"count": 135
},
{
"cna": "vulnerability@kaspersky.com",
"count": 126
},
{
"cna": "secteam@freebsd.org",
"count": 123
},
{
"cna": "security@tibco.com",
"count": 120
},
{
"cna": "cve@rapid7.com",
"count": 119
},
{
"cna": "cve-assign@fb.com",
"count": 116
},
{
"cna": "info@cert.vde.com",
"count": 115
},
{
"cna": "vulnerabilitylab@whitesourcesoftware.com",
"count": 114
},
{
"cna": "psirt@zte.com.cn",
"count": 94
},
{
"cna": "security@eclipse.org",
"count": 93
},
{
"cna": "security@elastic.co",
"count": 91
},
{
"cna": "security@suse.com",
"count": 87
},
{
"cna": "security-alert@netapp.com",
"count": 86
},
{
"cna": "cve@checkpoint.com",
"count": 71
},
{
"cna": "cybersecurity@ch.abb.com",
"count": 70
},
{
"cna": "PSIRT@sonicwall.com",
"count": 68
},
{
"cna": "sirt@brocade.com",
"count": 67
},
{
"cna": "psirt@amd.com",
"count": 66
},
{
"cna": "larry0@me.com",
"count": 66
},
{
"cna": "psirt@hcl.com",
"count": 63
},
{
"cna": "vuln@ca.com",
"count": 60
},
{
"cna": "security@pivotal.io",
"count": 58
},
{
"cna": "security-officer@isc.org",
"count": 54
},
{
"cna": "vulnerabilities@zephyrproject.org",
"count": 45
},
{
"cna": "security@puppet.com",
"count": 45
},
{
"cna": "psirt@bosch.com",
"count": 45
},
{
"cna": "cve-requests@bitdefender.com",
"count": 45
},
{
"cna": "audit@patchstack.com",
"count": 45
},
{
"cna": "security@drupal.org",
"count": 44
},
{
"cna": "psirt@autodesk.com",
"count": 44
},
{
"cna": "security@kubernetes.io",
"count": 41
},
{
"cna": "patrick@puiterwijk.org",
"count": 41
},
{
"cna": "security@php.net",
"count": 37
},
{
"cna": "cna@mongodb.com",
"count": 37
},
{
"cna": "security@mediatek.com",
"count": 35
},
{
"cna": "secure@blackberry.com",
"count": 35
},
{
"cna": "openssl-security@openssl.org",
"count": 35
},
{
"cna": "security@otrs.com",
"count": 34
},
{
"cna": "psirt@solarwinds.com",
"count": 34
},
{
"cna": "securityalerts@avaya.com",
"count": 32
},
{
"cna": "security@xen.org",
"count": 32
},
{
"cna": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"count": 32
},
{
"cna": "security@joomla.org",
"count": 31
},
{
"cna": "cve@aliasrobotics.com",
"count": 29
},
{
"cna": "security@jfrog.com",
"count": 24
},
{
"cna": "productsecurity@jci.com",
"count": 24
},
{
"cna": "cve-coordination@incibe.es",
"count": 24
},
{
"cna": "security@zoom.us",
"count": 22
},
{
"cna": "psirt@esri.com",
"count": 22
},
{
"cna": "disclosures@gallagher.com",
"count": 22
},
{
"cna": "cve-notifications-us@f-secure.com",
"count": 22
},
{
"cna": "browser-security@yandex-team.ru",
"count": 21
},
{
"cna": "security@vaadin.com",
"count": 20
},
{
"cna": "security@teradici.com",
"count": 20
},
{
"cna": "security@xiaomi.com",
"count": 19
},
{
"cna": "vulnerability@ncsc.ch",
"count": 18
},
{
"cna": "cybersecurity@dahuatech.com",
"count": 18
},
{
"cna": "cve-request@iojs.org",
"count": 18
},
{
"cna": "security@odoo.com",
"count": 17
},
{
"cna": "security@documentfoundation.org",
"count": 17
},
{
"cna": "product-cna@github.com",
"count": 16
},
{
"cna": "VulnerabilityReporting@secomea.com",
"count": 16
},
{
"cna": "cna@cyber.gov.il",
"count": 15
},
{
"cna": "security@acronis.com",
"count": 14
},
{
"cna": "security@zyxel.com.tw",
"count": 13
},
{
"cna": "responsibledisclosure@mattermost.com",
"count": 13
},
{
"cna": "CybersecurityCOE@eaton.com",
"count": 13
},
{
"cna": "psirt@forcepoint.com",
"count": 12
},
{
"cna": "psirt@arista.com",
"count": 12
},
{
"cna": "vuln@vdoo.com",
"count": 11
},
{
"cna": "security@oppo.com",
"count": 11
},
{
"cna": "security-info@sgi.com",
"count": 11
},
{
"cna": "psirt-info@cyber.jp.nec.com",
"count": 11
},
{
"cna": "cve@navercorp.com",
"count": 11
},
{
"cna": "security@salesforce.com",
"count": 10
},
{
"cna": "security@openvpn.net",
"count": 10
},
{
"cna": "security@octopus.com",
"count": 10
},
{
"cna": "cybersecurity@hitachienergy.com",
"count": 10
},
{
"cna": "security@search-guard.com",
"count": 9
},
{
"cna": "security@craftersoftware.com",
"count": 9
},
{
"cna": "security-report@netflix.com",
"count": 9
},
{
"cna": "security-alert@sophos.com",
"count": 9
},
{
"cna": "cna@cloudflare.com",
"count": 9
},
{
"cna": "sirt@silver-peak.com",
"count": 8
},
{
"cna": "psirt@sick.de",
"count": 8
},
{
"cna": "help@fluidattacks.com",
"count": 8
},
{
"cna": "psirt@wdc.com",
"count": 7
},
{
"cna": "disclosure@synopsys.com",
"count": 7
},
{
"cna": "cve@usom.gov.tr",
"count": 7
},
{
"cna": "security@mautic.org",
"count": 6
},
{
"cna": "security@duo.com",
"count": 6
},
{
"cna": "security@360.cn",
"count": 6
},
{
"cna": "jordan@liggitt.net",
"count": 6
},
{
"cna": "infosec@edk2.groups.io",
"count": 6
},
{
"cna": "dl_cve@linecorp.com",
"count": 6
},
{
"cna": "disclose@cybersecurityworks.com",
"count": 6
},
{
"cna": "cert@airbus.com",
"count": 6
},
{
"cna": "sep@nlnetlabs.nl",
"count": 5
},
{
"cna": "responsible-disclosure@pingidentity.com",
"count": 5
},
{
"cna": "psirt@mirantis.com",
"count": 5
},
{
"cna": "product-security@axis.com",
"count": 5
},
{
"cna": "josh@bress.net",
"count": 5
},
{
"cna": "info@appcheck-ng.com",
"count": 5
},
{
"cna": "cve_disclosure@tech.gov.sg",
"count": 5
},
{
"cna": "security@zabbix.com",
"count": 4
},
{
"cna": "security@tcpdump.org",
"count": 4
},
{
"cna": "security@opera.com",
"count": 4
},
{
"cna": "security@fidelissecurity.com",
"count": 4
},
{
"cna": "psirt@thalesgroup.com",
"count": 4
},
{
"cna": "cve@zscaler.com",
"count": 4
},
{
"cna": "security@vivo.com",
"count": 3
},
{
"cna": "security@pega.com",
"count": 3
},
{
"cna": "security@m-files.com",
"count": 3
},
{
"cna": "security@eset.com",
"count": 3
},
{
"cna": "securities@openeuler.org",
"count": 3
},
{
"cna": "prodsec@nozominetworks.com",
"count": 3
},
{
"cna": "hsrc@hikvision.com",
"count": 3
},
{
"cna": "cybersecurity@hitachi-powergrids.com",
"count": 3
},
{
"cna": "cve@forums.swift.org",
"count": 3
},
{
"cna": "security@snowsoftware.com",
"count": 2
},
{
"cna": "security@netgear.com",
"count": 2
},
{
"cna": "product.security@lge.com",
"count": 2
},
{
"cna": "iletisim@usom.gov.tr",
"count": 2
},
{
"cna": "cybersecurity@bd.com",
"count": 2
},
{
"cna": "SecurityResponse@netmotionsoftware.com",
"count": 2
},
{
"cna": "vulnerability@cspcert.ph",
"count": 1
},
{
"cna": "vdisclose@cert-in.org.in",
"count": 1
},
{
"cna": "security@replicated.com",
"count": 1
},
{
"cna": "security@devolutions.net",
"count": 1
},
{
"cna": "security@deepsurface.com",
"count": 1
},
{
"cna": "secure@ea.com",
"count": 1
},
{
"cna": "psirt@tigera.io",
"count": 1
},
{
"cna": "psirt@okta.com",
"count": 1
},
{
"cna": "psirt@forgerock.com",
"count": 1
},
{
"cna": "csirt@divd.nl",
"count": 1
},
{
"cna": "Alibaba-CNA@list.alibaba-inc.com",
"count": 1
}
]

7
tools/cve_cna_security_advisories/cna_count_per_cve.rb
View file

@ -1,6 +1,7 @@
#!/usr/bin/env ruby #!/usr/bin/env ruby
# this will loop through each year and for each CVE-ID and count the assigners # this will loop through each year and for each CVE-ID and count the assigners
require 'json' require 'json'
require 'pry'
files = Dir['../cvelist/*/*/*.json'] files = Dir['../cvelist/*/*/*.json']
results = files.map do |fp| results = files.map do |fp|
@ -14,4 +15,8 @@ end
sorted_and_grouped_cnas = results.map { |cve_id, cna_email| cna_email}.sort.group_by(&:itself) sorted_and_grouped_cnas = results.map { |cve_id, cna_email| cna_email}.sort.group_by(&:itself)
cna_count_per_cves = sorted_and_grouped_cnas.map {|k,v| [k, v.count]}.sort_by{|a,b|b}.reverse cna_count_per_cves = sorted_and_grouped_cnas.map {|k,v| [k, v.count]}.sort_by{|a,b|b}.reverse
cna_count_per_cves.map {|cna, count| puts "CNA: #{cna}, COUNT: #{count}"} result_count = cna_count_per_cves.map {|cna, count| {:cna => cna, :count => count}}
binding.pry
json_data = JSON.pretty_generate(result_count)
File.write("./cna_count_for_all_cves.json", json_data)

1
tools/cvelist Submodule

@ -0,0 +1 @@
Subproject commit 7da9cefaa2dd26dd0412210a31f2d04647e3af82