Version 0.6.0.1

README.md

@@ -3,6 +3,17 @@
 
 This repo contains a Power Command Console project that combines **CycloneDX** and **Dependency Track** to let you create SBOM files from git repos and import them in to OWASP Dependency Track which gives you a nice GUI where you can analyze your repos vulnerabilities. 
 
+There is also a command to get a Exploit Prediction score (EPSS) with a CVE as input. That command does not need any prerequisites at all.
+
+## Epss
+```epss <your CVE>```
+
+Returns  EPSS score for provided CVE, the value is percent where 0 is minimum and 100 is maximum. Read more about the score at the bottom of this page.
+
+### Example
+```epss CVE-2022-27225```
+
+
 # Prerequisites
 If this is the first time you use a Power Commands implementation a encryption setup will be done at the first startup. The encryption key is setup for all Power Commands projects and is unique for every machine. Encryption is used by this Power Commands project to secure your **Dependency Track** API key.
 
@@ -81,11 +92,18 @@ Read more about Power Commands: https://github.com/PowerCommands/PowerCommands20
 
 Read more about SBOM: https://www.cisa.gov/sbom
 
-<img src="dt_cdxgen_logos.png" alt="Dependency Track logo" width="256">
+<img src="dt_cdxgen_logos.png" alt="Dependency Track logo" width="512">
 
 ## CycloneDX Generator
 [CycloneDX Generator](https://github.com/CycloneDX/cdxgen) on github. 
 
 ## Dependency Track
 
-[Dependency Track Community](https://github.com/DependencyTrack) on github. 
+[Dependency Track Community](https://github.com/DependencyTrack) on github.
+
+## Exploit Prediction Scoring System (EPSS)
+
+[EPSS](https://www.first.org/epss/user-guide) user guide.
+
+EPSS provides a fundamentally new capability for efficient, data-driven vulnerability management. It is a data-driven effort that uses current threat information from CVE and real-world exploit data. The EPSS model produces a probability score between 0 and 1 (0 and 100%), where the higher the score, the greater the probability that a vulnerability will be exploited.
+

src/SecTools/Core/PainKiller.PowerCommands.Core/BaseClasses/CommandBase.cs

@@ -71,8 +71,10 @@ public virtual void RunCompleted()
         #endregion
 
         #region RunResult
-        protected RunResult Ok() => new(this, Input, _ouput.ToString(), RunResultStatus.Ok);
-        protected RunResult Quit() => new(this, Input, _ouput.ToString(), RunResultStatus.Quit);
+        protected RunResult Ok(string message) => new(this, Input, $"{message} {_ouput}", RunResultStatus.Ok);
+        protected RunResult Ok() => Ok(_ouput.ToString());
+        protected RunResult Quit() => Quit(_ouput.ToString());
+        protected RunResult Quit(string message) => new(this, Input, $"{message} {_ouput}", RunResultStatus.Ok);
         protected RunResult BadParameterError(string output) => new(this, Input, output, RunResultStatus.ArgumentError);
         protected RunResult ExceptionError(string output) => new(this, Input, output, RunResultStatus.ExceptionThrown);
         protected RunResult ContinueWith(string rawInput) => new(this, Input, _ouput.ToString(), RunResultStatus.ExceptionThrown, rawInput);

src/SecTools/PainKiller.PowerCommands.Bootstrap/whats_new.md

@@ -1,33 +1,5 @@
 # What is new?
 
-## Version 1.0.2.1
-**Released 2023-07-24**
-- ```ReadLineService``` now has two static events by the ```OpenShortCutPressed``` Occurs when user press [`Ctrl + O`], ```SaveShortCutPressed``` Occurs when user press [`Ctrl + S`].
-- ```DialogService.ListDialog``` now returns a ```Dictionary<int, string>``` instead of ```List<string>``` so string value and index is returned for each selected item.
-- ```ChecksumManager``` now exposing it´t functions for calculating MDF checksum.
-- ```DialogService``` standard dialogs has some minor improvements.
-- ```PowerCommandsManager.RunCustomCode``` now has a parameter ```RunFlowManager runFlow```.
-- Adjusted creation of commands using ```powercommand new --command Name``` so that the new command class now has the correct namespace. (removed PainKiller.PowerCommands.)
-## Version 1.0.2.0
-**Released 2023-07-01**
-- Toolbar functionality moved to own ```ToolbarService``` and reworked it completely, not using timers anymore that caused problems, so it is now a more stable feature (but still a bit experimental).
-- Added PasswordPromptDialog to the ```DialogService```.
-- New List feature, display a list which selectable items.
-- ```DirCommand``` is now a Core command instead of a Demo command.
-- It is now possible to move the cursor up and down with ```CTRL``` + (```⬆️```  or ⬇️).
-## Version 1.0.1.0
-**Released 2023-06-20**
-### Toolbar styled Commands
-- Added new base command class ```CommandWithToolbarBase``` that opens upp for a new way of designing your commands with a displayed toolbar in the bottom right corner. Can either be display suggestions or be set programmatically listening and reacting on to the cmd line input.
-- Added the constant for array splitter to the ```ConfigurationGlobals```, and refactored all code to use it, makes it easier to swap that if necessary.
-- Adjusted the run process so that RunCompleted is always triggered, when running async or when a exception is thrown.
-## Version 1.0.0.1
-**Released 2023-06-12**
-### Capability to Run PowerCommand with a service account and using secrets
-If you want to run your PowerCommands application as a Windows scheduled task started by a service accounts that is not allowed to login on the machine, you need to do a couple of steps.
-
-- You need to copy the PainKiller directory from your %User%\AppData\Roaming to the corresponding one for the service account. 
-- Copy the environment variable _encryptionManager and create the same as a system environment variable. EncryptionService will look for the system environment variable if the user environment variable is not there. 
-- For your stored secrets you will need to to do the same thing and change target: User to target: Machine in the **PowerCommandsConfiguration.yaml** file.
-### Improved logging
-Every log post now includes the current user running the PowerCommand application, the Log commands has been re-designed to use suggestions instead of options where more appropriate.
+## Version 0.6.0.1
+**Released 2023-09-08**
+- ```EpssCommand``` new command to retrive Exploit Prediction Score using the https://api.first.org/data/v1/epss API.

src/SecTools/PainKiller.PowerCommands.PowerCommandsConsole/PainKiller.PowerCommands.PowerCommandsConsole.csproj

@@ -7,7 +7,7 @@
 		<ImplicitUsings>enable</ImplicitUsings>
 		<Nullable>enable</Nullable>
 		<AssemblyName>p-sec-tools</AssemblyName>
-		<Version>0.6.0.0</Version>
+		<Version>0.6.0.1</Version>
 	</PropertyGroup>
 
 	<ItemGroup>

src/SecTools/SecTools.sln.DotSettings

@@ -1,4 +1,5 @@
 <wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=Cdxgen/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=dependencytrack/@EntryIndexedValue">True</s:Boolean>
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Epss/@EntryIndexedValue">True</s:Boolean>
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=Sbom/@EntryIndexedValue">True</s:Boolean></wpf:ResourceDictionary>

src/SecTools/SecToolsCommands/Commands/EpssCommand.cs

@@ -0,0 +1,23 @@
+using System.Net.Http.Json;
+using SecToolsCommands.DomainObjects;
+
+namespace SecToolsCommands.Commands;
+
+[PowerCommandDesign( description: "Show the EPSS score for a given CVE vulnerability.",
+                       arguments: "!<CVE>",
+                         example: "epss CVE-2022-27225")]
+public class EpssCommand : CommandBase<PowerCommandsConfiguration>
+{
+    public EpssCommand(string identifier, PowerCommandsConfiguration configuration) : base(identifier, configuration) { }
+
+    public override RunResult Run()
+    {
+        var cve = Input.SingleArgument;
+        var url = $"{Configuration.Epss.ApiUrl}{cve}";
+        var httpClient = new HttpClient();
+        var result = httpClient.GetFromJsonAsync<ExploitPrediction>(url).Result;
+        if (result == null || result.data.Length == 0) return Ok($"{url} returned no result");
+        WriteCodeExample("EPSS: ",result.data.OrderByDescending(d => d.date).First().GetPercent());
+        return Ok();
+    }
+}

src/SecTools/SecToolsCommands/Configuration/EpssConfiguration.cs

@@ -0,0 +1,6 @@
+namespace SecToolsCommands.Configuration;
+
+public class EpssConfiguration
+{
+    public string ApiUrl { get; set; } = "https://api.first.org/data/v1/epss?cve=";
+}

src/SecTools/SecToolsCommands/Configuration/PowerCommandsConfiguration.cs

@@ -7,6 +7,7 @@ public class PowerCommandsConfiguration : CommandsConfiguration
         public DockerDesktopConfiguration DockerDesktop { get; set; } = new();
         public CdxgenConfiguration Cdxgen { get; set; } = new();
         public DependencyTrackerConfiguration DependencyTracker { get; set; } = new();
+        public EpssConfiguration Epss { get; set; } = new();
         public ToolbarConfiguration? StartupToolbar { get; set; }
     }
 }

src/SecTools/SecToolsCommands/DomainObjects/ExploitPrediction.cs

@@ -0,0 +1,13 @@
+namespace SecToolsCommands.DomainObjects;
+
+public class ExploitPrediction
+{
+    public string status { get; set; }
+    public int statuscode { get; set; }
+    public string version { get; set; }
+    public string access { get; set; }
+    public int total { get; set; }
+    public int offset { get; set; }
+    public int limit { get; set; }
+    public ExploitPredictionScore[] data { get; set; }
+}

src/SecTools/SecToolsCommands/DomainObjects/ExploitPredictionScore.cs

@@ -0,0 +1,12 @@
+using System.Globalization;
+
+namespace SecToolsCommands.DomainObjects;
+
+public class ExploitPredictionScore
+{
+    public string cve { get; set; }
+    public string epss { get; set; }
+    public string percentile { get; set; }
+    public string date { get; set; }
+    public string GetPercent() => double.TryParse(percentile, NumberStyles.Float, CultureInfo.InvariantCulture, out var value) ? $"{value * 100:0.00}%" : "-";
+}

src/SecTools/SecToolsCommands/PowerCommandsConfiguration.yaml

@@ -29,6 +29,8 @@ configuration:
     frontendImage: dependencytrack/frontend    
     frontendContainer: dtrack-frontend
     frontendPorts: 8080:8080
+  epss:
+    apiUrl: https://api.first.org/data/v1/epss?cve=
   startupToolbar:
     hideToolbarOption: OnCommandHighlighted
     toolbarItems: