
Advanced Python-based wizard tool designed for managing and analyzing vulnerabilities.


exfil0/CVE-WIZARD

Enhanced CVE Wizard

Overview

enhanced_cve_wizard.py is an advanced Python-based wizard tool designed for managing and analyzing vulnerabilities. It streamlines the process of searching, retrieving, and analyzing CVEs (Common Vulnerabilities and Exposures) while integrating with Exploit-DB's searchsploit utility and fetching additional data from the National Vulnerability Database (NVD).

Features:

  1. Setup Automation:

    • Automatically verifies, installs, and updates searchsploit (Exploit-DB).
  2. Interactive Menu:

    • CVE Search: Retrieves exploits for a CVE and fetches additional data from the NVD.
    • Exploit Management:
      • Mirror/download exploits.
      • Examine exploits using searchsploit.
    • Nmap Integration: Parses Nmap XML output to identify vulnerabilities and available exploits.
    • Logging: Maintains a log file and provides a summary report.
    • GUI Option: A minimal graphical interface for quick searches.
  3. Error Handling:

    • Comprehensive error logging for smooth debugging and operations.
    • Graceful handling of missing dependencies and environment issues.

Installation and Requirements

Dependencies

  • Python 3.x
  • Required Python packages:
    • requests (for fetching data from the NVD)
    • lxml (optional, for advanced XML parsing)
    • tkinter (optional, for GUI functionality)

Installation

  1. Install Required Python Packages:

    pip install requests lxml
  2. Ensure searchsploit is Installed:

    • The script checks for searchsploit and installs it via apt-get if missing.

    Manual installation (if needed):

    sudo apt-get update
    sudo apt-get install exploitdb

Usage

Run the Script

Make the script executable:

chmod +x enhanced_cve_wizard.py

Run the script:

./enhanced_cve_wizard.py

Main Menu Options

  1. Search CVE & Create JSON:
    • Fetches exploit details using searchsploit and additional metadata from the NVD.
    • Saves combined results as a JSON file in the current directory.
  2. Mirror or Examine Exploits:
    • Mirror/download or view exploits for a given EDB-ID.
  3. Parse Nmap XML:
    • Reads Nmap XML output and finds related exploits.
  4. Update Exploit-DB:
    • Updates the local Exploit-DB index using searchsploit -u.
  5. View Logging Report:
    • Displays the last 10 entries of the log file for review.
  6. Launch Minimal GUI:
    • Starts a Tkinter-based graphical interface for quick searches.
  7. Exit:
    • Exits the tool.

Example Usage

  • Search for a CVE:
    Enter the CVE ID (e.g., CVE-2021-44228): CVE-2021-44228
    
  • Mirror an exploit:
    Enter the EDB-ID to mirror (e.g., 50592): 50592
    
  • Parse an Nmap XML file:
    Enter path to Nmap XML file (e.g., scan.xml): /path/to/scan.xml
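
The Nmap XML step, as an added example that is not code from the CVE-WIZARD repository: it lists open ports with their service versions and any well-formed CVE IDs found in script output, using only the standard library. The sample XML, the function name parse_nmap_services and the ExampleServer product are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample in the shape of `nmap -sV --script ... -oX` output (not a real scan).
SAMPLE_XML = b"""<!DOCTYPE nmaprun>
<nmaprun>
<host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="8080"><state state="open"/>
  <service name="http" product="ExampleServer" version="1.0"/>
  <script id="vulners" output="CVE-2021-44228 cve-2021-44228 CVE-21-1"/>
 </port>
 <port protocol="tcp" portid="23"><state state="closed"/></port>
</ports></host>
</nmaprun>"""

# Only well-formed IDs are accepted: CVE-<4-digit year>-<4 or more digits>.
CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b", re.IGNORECASE)

def parse_nmap_services(xml_bytes):
    """Return one dict per open port: host, port, product/version, CVE IDs."""
    # Assumption: scan files may come from untrusted sources, so refuse inline
    # entity declarations (entity-expansion DoS). A bare <!DOCTYPE nmaprun> is fine.
    if b"<!ENTITY" in xml_bytes:
        raise ValueError("refusing XML with entity declarations")
    root = ET.fromstring(xml_bytes)
    findings = []
    for host in root.iter("host"):
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else "unknown"
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are not findings
            svc = port.find("service")
            attrs = svc.attrib if svc is not None else {}
            cves = set()
            for script in port.iter("script"):
                cves.update(m.upper() for m in CVE_RE.findall(script.get("output", "")))
            findings.append({
                "host": addr,
                "port": int(port.get("portid")),
                "product": attrs.get("product", ""),
                "version": attrs.get("version", ""),
                "cves": sorted(cves),  # deduplicated, normalized to upper case
            })
    return findings

if __name__ == "__main__":
    for finding in parse_nmap_services(SAMPLE_XML):
        print(finding)
```

Validating IDs against the CVE pattern before they reach any lookup keeps malformed scan output out of later command lines and API requests.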
    

Logs

  • Logs are stored in cve_wizard.log in the script's directory.
  • Use the "View Logging Report" option to display recent log entries.

Notes

  • Error Handling: The script handles missing dependencies, network issues, and invalid inputs gracefully. Logs provide detailed error information for troubleshooting.
  • GUI Requirements: Ensure tkinter is installed and a graphical environment is available for the GUI option.

License

This project is licensed under the MIT License.
