|
| 1 | +# Metasploit Database Parser |
| 2 | + |
| 3 | +The open-source metasploit framework |
| 4 | +https://github.com/rapid7/metasploit-framework |
| 5 | +contains a JSON database listing each module within |
| 6 | +the tool along with a list of references to source URLs, |
| 7 | +vulnerability IDs, etc. |
| 8 | + |
| 9 | +The code in this repository performs the following tasks: |
| 10 | +1. Clones or pulls the latest metasploit code from github |
| 11 | +2. Parses the JSON database |
| 12 | +3. Extracts the relevant data from the JSON database |
| 13 | +4. Emits two CSV files: |
| 14 | + * A complete list of every file with every reference |
| 15 | + * A list of only CVE references and accompanying files |
| 16 | + |
| 17 | +## Usage |
| 18 | + |
| 19 | +Use of a virtual environment such as anaconda is highly |
| 20 | +recommended to avoid polluting your native python installation |
| 21 | +with possibly incompatible packages. |
| 22 | + |
| 23 | +This script was written using python 3.9. |
| 24 | +It should probably work for any version 3 python interpreter, although I make no guarantees of that. |
| 25 | + |
| 26 | +```bash |
| 27 | +conda create --name myenv python=3.9 |
| 28 | +conda activate myenv |
| 29 | +pip install -r requirements.txt |
| 30 | +``` |
| 31 | + |
| 32 | +Edit the `config.yaml` as needed. |
| 33 | + |
| 34 | +Run `main.py` |
| 35 | + |
| 36 | +```python |
| 37 | +python main.py |
| 38 | +``` |
| 39 | + |
| 40 | +Skim the output, or have a look at the resulting CSV files |
| 41 | +(in `./DATA` by default). |
| 42 | + |
0 commit comments