- This tool scrapes the CVE feed from vuldb.com, filters it based on keywords, and notifies via Slack about latest CVE only for the technology or the products you have listed as keywords.
- Parses the RSS feed from vuldb.com using gofeed.
- Filters the feed based on the defined keywords.
- Stores filtered CVEs in a database.
- Sends a Slack notification for each new CVE inserted into the database.
Make sure go environment is properly configured
go install github.com/dark-warlord14/CVENotifier/cmd/CVENotifier@latest
-
Set the
SLACK_WEBHOOKenvironment variable with your Slack webhook URL. For example:export SLACK_WEBHOOK=https://hooks.slack.com/services/<id>/<id>
-
Set up keywords in
config.yaml:keywords: - Floodlight - wordpress
-
Run the tool on a regular interval (e.g., every few hours) to fetch the latest feeds and receive notifications for new CVEs. It's recommended to set up a cron job for this.
CVENotifier -config config.yaml
cronjob example
0 * * * * user CVENotifier -config config.yaml 2>&1 | tee -a CVENotifier.log
- Fetch RSS feed from https://vuldb.com/?rss.recent
- Filter the feed if any keyword is present in the title
- Store the data in a database if a keyword is found in the title
- Send a Slack message if the insert operation is successful
The project is now organized into the following packages:
cmd/CVENotifier: Contains the main application logic.internal/config: Contains the configuration loading logic.internal/rss: Contains the RSS feed parsing logic.internal/slack: Contains the Slack notification logic.internal/util: Contains utility functions such as HTML tag removal.internal/db: Contains the database operations logic.internal/errors: Contains custom error types.
The project now uses custom error types to provide more descriptive error messages.