Merge pull request #80 from zema1/limit-threatbook

feat: less push in threatbook
zema1 · Apr 29, 2024 · 525c0a4 · 525c0a4
2 parents 82c4d0c + bf2566e
commit 525c0a4
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## v1.8.2 (2024.04.29)
+
+### 变更
+
+- 改进微步数据源推送策略，降低古董漏洞推送数量
+
+
 ## v1.8.0 (2024.04.16)
 
 ### 新增

diff --git a/grab/threatbook.go b/grab/threatbook.go
@@ -6,6 +6,7 @@ import (
 
 	"github.com/imroc/req/v3"
 	"github.com/kataras/golog"
+	"github.com/pkg/errors"
 )
 
 type ThreatBookCrawler struct {
@@ -86,12 +87,34 @@ func (t *ThreatBookCrawler) GetUpdate(ctx context.Context, pageLimit int) ([]*Vu
 }
 
 func (t *ThreatBookCrawler) IsValuable(info *VulnInfo) bool {
+	// 漏洞太多了，规则严格一些
+	var hasPoc, hasAnalysis bool
 	for _, tag := range info.Tags {
-		if tag == "0day" || tag == "有Poc" || tag == "有漏洞分析" {
-			return true
+		if tag == "有Poc" {
+			hasPoc = true
 		}
+		if tag == "有漏洞分析" {
+			hasAnalysis = true
+		}
+	}
+	if !hasPoc || !hasAnalysis {
+		return false
 	}
-	return false
+	if info.Disclosure == "" {
+		return false
+	}
+	// 2024-04-29 format
+	dis, err := time.Parse("2006-01-02", info.Disclosure)
+	if err != nil {
+		t.log.Error(errors.Wrap(err, "parse disclosure time"))
+		return false
+	}
+	// 只看两周内的，古董漏洞就别推了
+	if time.Since(dis) > 14*24*time.Hour {
+		return false
+	}
+
+	return true
 }
 
 type threatBookHomepage struct {

diff --git a/main.go b/main.go
@@ -18,7 +18,7 @@ import (
 )
 
 var log = golog.Child("[main]")
-var Version = "v1.8.1"
+var Version = "v1.8.2"
 
 func main() {
 	golog.Default.SetLevel("info")