CISA Vulnerability Checker
by yeger00
A Python tool that uses DuckDB to query CISA's Known Exploited Vulnerabilities catalog. It allows users to quickly check for recent CVEs or determine if a specific CVE is present in the CISA list.
Last updated: N/A
What is CISA Vulnerability Checker?
The CISA Vulnerability Checker is a Python-based tool designed to interact with CISA's Known Exploited Vulnerabilities catalog. It leverages DuckDB's HTTPFS extension to directly query the JSON data from CISA's website, providing a fast and efficient way to identify and manage vulnerabilities.
How to use CISA Vulnerability Checker?
First, install the tool by cloning the repository and installing the package using pip. Then, use the command-line interface (CLI) to perform checks. You can retrieve recent CVEs using cisa-vuln-checker recent-cves --days <number> or cisa-vuln-checker recent-cves --hours <number>. To check for a specific CVE, use cisa-vuln-checker check-cve <CVE_ID>. To run the server, use uvicorn cisa_vuln_checker.server:app.
Key features of CISA Vulnerability Checker
Retrieves recent CVEs based on days or hours
Checks for the existence of specific CVEs
Uses DuckDB's HTTPFS for efficient data retrieval
Provides a command-line interface (CLI)
Supports integration with Claude via MCP
REST API available
Use cases of CISA Vulnerability Checker
Security professionals tracking recent vulnerabilities
System administrators checking for specific CVEs in their infrastructure
Integrating vulnerability checks into automated security workflows
Providing a vulnerability checking service through a REST API
Integrating with Claude to provide context-aware vulnerability information
FAQ from CISA Vulnerability Checker
How do I install the CISA Vulnerability Checker?
How do I install the CISA Vulnerability Checker?
Clone the repository, create a virtual environment, and install the package using pip install -e .
How do I get recent CVEs?
How do I get recent CVEs?
Use the command cisa-vuln-checker recent-cves --days <number> or cisa-vuln-checker recent-cves --hours <number>
How do I check if a specific CVE exists?
How do I check if a specific CVE exists?
Use the command cisa-vuln-checker check-cve <CVE_ID>
How do I run the server?
How do I run the server?
Use the command uvicorn cisa_vuln_checker.server:app
How do I configure Claude to use the CISA Vulnerability Checker?
How do I configure Claude to use the CISA Vulnerability Checker?
Add the provided MCP server configuration to your Claude configuration file.