OOGWAY Tool

OOGWAY tool: Enhancing vulnerability search efficiency

·

2 min read

OOGWAY Tool

OOGWAY is a powerful command-line utility designed to streamline the search for vulnerabilities and details regarding Common Vulnerabilities and Exposures (CVEs).

Overview

OOGWAY simplifies the process of searching for vulnerabilities and accessing CVE details through two primary sources: VulnersX and SHIFU. This tool offers a user-friendly interface for various vulnerability-related tasks, including package-specific vulnerability searches, detailed CVE information retrieval, and vulnerability comparison between different packages.

Features

  1. Vulnerability Search using VulnersX

    • Description: Search for vulnerabilities in specific software packages after a specified date.

    • Usage: Input package name and date (YYYY-MM-DD) to search for vulnerabilities.

    • Output: Displays a list of vulnerabilities found, including CVE IDs and summaries.

  2. CVE Details Search using SHIFU

    • Description: Retrieve detailed information about a specific CVE by entering its ID.

    • Usage: Input CVE ID to search for details.

    • Output: Displays CVE ID, summary, and associated details.

  3. Compare Vulnerabilities between Two Packages

    • Description: Compare vulnerabilities found in two different software packages after a specified date.

    • Usage: Input package names and date (YYYY-MM-DD) to compare vulnerabilities.

    • Output: Displays a list of common vulnerabilities found between the two packages, if any.

  4. Simple User Interface

    • Description: Provides a clear and concise command-line menu for user interaction.

    • Interactive Input: Prompts users for package names, CVE IDs, and search dates.

    • Error Handling: Provides error messages and prompts users to re-enter input in case of invalid choices or errors.

  5. Modular Design

    • Description: Utilizes separate modules for interacting with VulnersX and ShifuCVEFinder for code organization and maintainability.

    • Flexibility: Allows easy integration of additional vulnerability search sources.

    • Pythonic Code: Written in Python, adhering to best practices and conventions.

  6. Interactive and Responsive

    • Description: Continuously prompts users for input until exit, facilitating multiple search queries in a single session.

    • Real-time Feedback: Provides feedback during searches to keep users informed of search progress.

Installation

  1. Clone the GitHub repository to your local machine:

     git clone https://github.com/your-username/oogway.git
    
  2. Navigate to the project directory and install dependencies:

     cd oogway
     pip3 install -r requirements.txt
    

Usage

After installation, run the tool with the following command:

python3 oogway.py

Follow on-screen instructions to perform various vulnerability-related tasks.