diff --git a/README.md b/README.md index 6bb18ef..5b0d894 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,17 @@ This repo contains a Power Command Console project that combines **CycloneDX** and **Dependency Track** to let you create SBOM files from git repos and import them in to OWASP Dependency Track which gives you a nice GUI where you can analyze your repos vulnerabilities. +There is also a command to get a Exploit Prediction score (EPSS) with a CVE as input. That command does not need any prerequisites at all. + +## Epss +```epss ``` + +Returns EPSS score for provided CVE, the value is percent where 0 is minimum and 100 is maximum. Read more about the score at the bottom of this page. + +### Example +```epss CVE-2022-27225``` + + # Prerequisites If this is the first time you use a Power Commands implementation a encryption setup will be done at the first startup. The encryption key is setup for all Power Commands projects and is unique for every machine. Encryption is used by this Power Commands project to secure your **Dependency Track** API key. @@ -81,11 +92,18 @@ Read more about Power Commands: https://github.com/PowerCommands/PowerCommands20 Read more about SBOM: https://www.cisa.gov/sbom -Dependency Track logo +Dependency Track logo ## CycloneDX Generator [CycloneDX Generator](https://github.com/CycloneDX/cdxgen) on github. ## Dependency Track -[Dependency Track Community](https://github.com/DependencyTrack) on github. +[Dependency Track Community](https://github.com/DependencyTrack) on github. + +## Exploit Prediction Scoring System (EPSS) + +[EPSS](https://www.first.org/epss/user-guide) user guide. + +EPSS provides a fundamentally new capability for efficient, data-driven vulnerability management. It is a data-driven effort that uses current threat information from CVE and real-world exploit data. The EPSS model produces a probability score between 0 and 1 (0 and 100%), where the higher the score, the greater the probability that a vulnerability will be exploited. + diff --git a/dt_cdxgen_logos.png b/dt_cdxgen_logos.png index ac1b63b..2a04279 100644 Binary files a/dt_cdxgen_logos.png and b/dt_cdxgen_logos.png differ diff --git a/src/SecTools/Core/PainKiller.PowerCommands.Core/BaseClasses/CommandBase.cs b/src/SecTools/Core/PainKiller.PowerCommands.Core/BaseClasses/CommandBase.cs index bbb6fe8..ce7deec 100644 --- a/src/SecTools/Core/PainKiller.PowerCommands.Core/BaseClasses/CommandBase.cs +++ b/src/SecTools/Core/PainKiller.PowerCommands.Core/BaseClasses/CommandBase.cs @@ -71,8 +71,10 @@ public virtual void RunCompleted() #endregion #region RunResult - protected RunResult Ok() => new(this, Input, _ouput.ToString(), RunResultStatus.Ok); - protected RunResult Quit() => new(this, Input, _ouput.ToString(), RunResultStatus.Quit); + protected RunResult Ok(string message) => new(this, Input, $"{message} {_ouput}", RunResultStatus.Ok); + protected RunResult Ok() => Ok(_ouput.ToString()); + protected RunResult Quit() => Quit(_ouput.ToString()); + protected RunResult Quit(string message) => new(this, Input, $"{message} {_ouput}", RunResultStatus.Ok); protected RunResult BadParameterError(string output) => new(this, Input, output, RunResultStatus.ArgumentError); protected RunResult ExceptionError(string output) => new(this, Input, output, RunResultStatus.ExceptionThrown); protected RunResult ContinueWith(string rawInput) => new(this, Input, _ouput.ToString(), RunResultStatus.ExceptionThrown, rawInput); diff --git a/src/SecTools/PainKiller.PowerCommands.Bootstrap/whats_new.md b/src/SecTools/PainKiller.PowerCommands.Bootstrap/whats_new.md index 9e3200f..ff9bbeb 100644 --- a/src/SecTools/PainKiller.PowerCommands.Bootstrap/whats_new.md +++ b/src/SecTools/PainKiller.PowerCommands.Bootstrap/whats_new.md @@ -1,33 +1,5 @@ # What is new? -## Version 1.0.2.1 -**Released 2023-07-24** -- ```ReadLineService``` now has two static events by the ```OpenShortCutPressed``` Occurs when user press [`Ctrl + O`], ```SaveShortCutPressed``` Occurs when user press [`Ctrl + S`]. -- ```DialogService.ListDialog``` now returns a ```Dictionary``` instead of ```List``` so string value and index is returned for each selected item. -- ```ChecksumManager``` now exposing it´t functions for calculating MDF checksum. -- ```DialogService``` standard dialogs has some minor improvements. -- ```PowerCommandsManager.RunCustomCode``` now has a parameter ```RunFlowManager runFlow```. -- Adjusted creation of commands using ```powercommand new --command Name``` so that the new command class now has the correct namespace. (removed PainKiller.PowerCommands.) -## Version 1.0.2.0 -**Released 2023-07-01** -- Toolbar functionality moved to own ```ToolbarService``` and reworked it completely, not using timers anymore that caused problems, so it is now a more stable feature (but still a bit experimental). -- Added PasswordPromptDialog to the ```DialogService```. -- New List feature, display a list which selectable items. -- ```DirCommand``` is now a Core command instead of a Demo command. -- It is now possible to move the cursor up and down with ```CTRL``` + (```⬆️``` or ⬇️). -## Version 1.0.1.0 -**Released 2023-06-20** -### Toolbar styled Commands -- Added new base command class ```CommandWithToolbarBase``` that opens upp for a new way of designing your commands with a displayed toolbar in the bottom right corner. Can either be display suggestions or be set programmatically listening and reacting on to the cmd line input. -- Added the constant for array splitter to the ```ConfigurationGlobals```, and refactored all code to use it, makes it easier to swap that if necessary. -- Adjusted the run process so that RunCompleted is always triggered, when running async or when a exception is thrown. -## Version 1.0.0.1 -**Released 2023-06-12** -### Capability to Run PowerCommand with a service account and using secrets -If you want to run your PowerCommands application as a Windows scheduled task started by a service accounts that is not allowed to login on the machine, you need to do a couple of steps. - -- You need to copy the PainKiller directory from your %User%\AppData\Roaming to the corresponding one for the service account. -- Copy the environment variable _encryptionManager and create the same as a system environment variable. EncryptionService will look for the system environment variable if the user environment variable is not there. -- For your stored secrets you will need to to do the same thing and change target: User to target: Machine in the **PowerCommandsConfiguration.yaml** file. -### Improved logging -Every log post now includes the current user running the PowerCommand application, the Log commands has been re-designed to use suggestions instead of options where more appropriate. +## Version 0.6.0.1 +**Released 2023-09-08** +- ```EpssCommand``` new command to retrive Exploit Prediction Score using the https://api.first.org/data/v1/epss API. diff --git a/src/SecTools/PainKiller.PowerCommands.PowerCommandsConsole/PainKiller.PowerCommands.PowerCommandsConsole.csproj b/src/SecTools/PainKiller.PowerCommands.PowerCommandsConsole/PainKiller.PowerCommands.PowerCommandsConsole.csproj index 49db8ea..667017e 100644 --- a/src/SecTools/PainKiller.PowerCommands.PowerCommandsConsole/PainKiller.PowerCommands.PowerCommandsConsole.csproj +++ b/src/SecTools/PainKiller.PowerCommands.PowerCommandsConsole/PainKiller.PowerCommands.PowerCommandsConsole.csproj @@ -7,7 +7,7 @@ enable enable p-sec-tools - 0.6.0.0 + 0.6.0.1 diff --git a/src/SecTools/SecTools.sln.DotSettings b/src/SecTools/SecTools.sln.DotSettings index 19435d8..e2c05f2 100644 --- a/src/SecTools/SecTools.sln.DotSettings +++ b/src/SecTools/SecTools.sln.DotSettings @@ -1,4 +1,5 @@  True True + True True \ No newline at end of file diff --git a/src/SecTools/SecToolsCommands/Commands/EpssCommand.cs b/src/SecTools/SecToolsCommands/Commands/EpssCommand.cs new file mode 100644 index 0000000..b20b23e --- /dev/null +++ b/src/SecTools/SecToolsCommands/Commands/EpssCommand.cs @@ -0,0 +1,23 @@ +using System.Net.Http.Json; +using SecToolsCommands.DomainObjects; + +namespace SecToolsCommands.Commands; + +[PowerCommandDesign( description: "Show the EPSS score for a given CVE vulnerability.", + arguments: "!", + example: "epss CVE-2022-27225")] +public class EpssCommand : CommandBase +{ + public EpssCommand(string identifier, PowerCommandsConfiguration configuration) : base(identifier, configuration) { } + + public override RunResult Run() + { + var cve = Input.SingleArgument; + var url = $"{Configuration.Epss.ApiUrl}{cve}"; + var httpClient = new HttpClient(); + var result = httpClient.GetFromJsonAsync(url).Result; + if (result == null || result.data.Length == 0) return Ok($"{url} returned no result"); + WriteCodeExample("EPSS: ",result.data.OrderByDescending(d => d.date).First().GetPercent()); + return Ok(); + } +} \ No newline at end of file diff --git a/src/SecTools/SecToolsCommands/Configuration/EpssConfiguration.cs b/src/SecTools/SecToolsCommands/Configuration/EpssConfiguration.cs new file mode 100644 index 0000000..9f68e0d --- /dev/null +++ b/src/SecTools/SecToolsCommands/Configuration/EpssConfiguration.cs @@ -0,0 +1,6 @@ +namespace SecToolsCommands.Configuration; + +public class EpssConfiguration +{ + public string ApiUrl { get; set; } = "https://api.first.org/data/v1/epss?cve="; +} \ No newline at end of file diff --git a/src/SecTools/SecToolsCommands/Configuration/PowerCommandsConfiguration.cs b/src/SecTools/SecToolsCommands/Configuration/PowerCommandsConfiguration.cs index 9df9e2c..4d91401 100644 --- a/src/SecTools/SecToolsCommands/Configuration/PowerCommandsConfiguration.cs +++ b/src/SecTools/SecToolsCommands/Configuration/PowerCommandsConfiguration.cs @@ -7,6 +7,7 @@ public class PowerCommandsConfiguration : CommandsConfiguration public DockerDesktopConfiguration DockerDesktop { get; set; } = new(); public CdxgenConfiguration Cdxgen { get; set; } = new(); public DependencyTrackerConfiguration DependencyTracker { get; set; } = new(); + public EpssConfiguration Epss { get; set; } = new(); public ToolbarConfiguration? StartupToolbar { get; set; } } } \ No newline at end of file diff --git a/src/SecTools/SecToolsCommands/DomainObjects/ExploitPrediction.cs b/src/SecTools/SecToolsCommands/DomainObjects/ExploitPrediction.cs new file mode 100644 index 0000000..8902ba0 --- /dev/null +++ b/src/SecTools/SecToolsCommands/DomainObjects/ExploitPrediction.cs @@ -0,0 +1,13 @@ +namespace SecToolsCommands.DomainObjects; + +public class ExploitPrediction +{ + public string status { get; set; } + public int statuscode { get; set; } + public string version { get; set; } + public string access { get; set; } + public int total { get; set; } + public int offset { get; set; } + public int limit { get; set; } + public ExploitPredictionScore[] data { get; set; } +} \ No newline at end of file diff --git a/src/SecTools/SecToolsCommands/DomainObjects/ExploitPredictionScore.cs b/src/SecTools/SecToolsCommands/DomainObjects/ExploitPredictionScore.cs new file mode 100644 index 0000000..c195fbd --- /dev/null +++ b/src/SecTools/SecToolsCommands/DomainObjects/ExploitPredictionScore.cs @@ -0,0 +1,12 @@ +using System.Globalization; + +namespace SecToolsCommands.DomainObjects; + +public class ExploitPredictionScore +{ + public string cve { get; set; } + public string epss { get; set; } + public string percentile { get; set; } + public string date { get; set; } + public string GetPercent() => double.TryParse(percentile, NumberStyles.Float, CultureInfo.InvariantCulture, out var value) ? $"{value * 100:0.00}%" : "-"; +} \ No newline at end of file diff --git a/src/SecTools/SecToolsCommands/PowerCommandsConfiguration.yaml b/src/SecTools/SecToolsCommands/PowerCommandsConfiguration.yaml index 8f1fcb6..d958e84 100644 --- a/src/SecTools/SecToolsCommands/PowerCommandsConfiguration.yaml +++ b/src/SecTools/SecToolsCommands/PowerCommandsConfiguration.yaml @@ -29,6 +29,8 @@ configuration: frontendImage: dependencytrack/frontend frontendContainer: dtrack-frontend frontendPorts: 8080:8080 + epss: + apiUrl: https://api.first.org/data/v1/epss?cve= startupToolbar: hideToolbarOption: OnCommandHighlighted toolbarItems: