cisagov/check-cve-2019-19781

This repository has been archived on 24/Oct/2020
Stars
105
Rank 328,196 (Top 7 %)
Language
Python
License
Creative Commons ...
Created almost 5 years ago
Updated almost 2 years ago

cisagov/check-cve-2019-19781

cisagov

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Test a host for susceptibility to CVE-2019-19781

check-cve-2019-19781 🔎🐞

This utility determines if a host appears susceptible to CVE-2019-19781.

Requirements

Python versions 3.6 and above. Note that Python 2 is not supported.

Installation

From a release:

pip install https://github.com/cisagov/check-cve-2019-19781/releases/download/v1.0.2/cve_2019_19781-1.0.2-py3-none-any.whl

From source:

git clone https://github.com/cisagov/check-cve-2019-19781.git
cd check-cve-2019-19781
pip install -r requirements.txt

Usage

To scan a host:

❱ cve-2019-19781 citrix.example.org

2020-01-10 22:11:46,312 WARNING citrix.example.org appears to be vulnerable.

Detailed usage information can be viewed with:

❱ cve-2019-19781 --help

Check for the existence of CVE-2019-19781 on a host machine.

EXIT STATUS
    This utility exits with one of the following values:
    0   The host does not seem vulnerable
    1   Command was invoked incorrectly
    2   The host appears to be vulnerable
    >2  An error occurred.

For more information about this vulnerability see:
    https://nvd.nist.gov/vuln/detail/CVE-2019-19781

Usage:
  cve-2019-19781 [options] <host>
  cve-2019-19781 (-h | --help)

Options:
  -h --help              Show this message.
  --log-level=LEVEL      If specified, then the log level will be set to
                         the specified value.  Valid values are "debug", "info",
                         "warning", "error", and "critical". [default: info]
  -r --retries=count     Number of times to retry a failed connection attempt before
                         giving up. [default: 2]
  -t --timeout=seconds   Number of seconds to wait during each connection attempt.
                         [default: 10]

Contributing

We welcome contributions! Please see CONTRIBUTING.md for details.

License

This project is in the worldwide public domain.

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.

RedEye

RedEye is a visual analytic tool supporting Red & Blue Team operations

ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines

Open Policy Agent

Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

cset

Cybersecurity Evaluation Tool

Sparrow

Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.

log4j-scanner

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

log4j-affected-db

A community sourced list of log4j-affected software

CHIRP

A DFIR tool written in Python.

decider

A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

LME

Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.

untitledgoosetool

Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.

pshtt

Scan domains and return data based on HTTPS best practices

crossfeed

External monitoring for organization assets

ESXiArgs-Recover

A tool to recover from ESXiArgs ransomware

trustymail

Scan domains and return data based on trustworthy email best practices

bad-practices

CISA's catalog of bad practices that are exceptionally risky.

development-guide

A set of guidelines and best practices for an awesome engineering team

ScubaGoggles

SCuBA Secure Configuration Baselines and assessment tool for Google Workspace

Open Policy Agent

cyber.dhs.gov

A site for CISA directives

dotgov-data

Official list of .gov domains

ICSNPP

Industrial Control Systems Network Protocol Parsers

findcdn

findCDN is a tool created to help accurately identify what CDN a domain is using.

prescup-challenges

President's Cup Cybersecurity Competition Challenges

shareable-soar-workflows

This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Response capabilities within their organizations.

parsnip

ansible-role-cobalt-strike

An Ansible role for installing Cobalt Strike.

cybersecurity-performance-goals

CISA's space for collaboration on the Cybersecurity Performance Goals.

PNT-Integrity

The PNT Integrity Library provides users a method to verify the integrity of the received GPS data and ranging signals, thereby improving resiliency against potential GPS signal loss.

join-cisagov

CISA is hiring! We’re looking for candidates passionate about our mission to lead the national effort to understand and manage cyber and physical risk to our critical infrastructure.

gophish-tools

Helpful tools for interacting with a GoPhish phishing instance

gophish-docker

Docker container for the gophish phishing framework.

ioc-scanner

Search a filesystem for indicators of compromise (IoC).

pca-gophish-composition

Phishing campaign docker composition for Gophish

vdp-in-fceb

Vulnerability disclosure policies in the US Government's executive branch

Epsilon

The Epsilon Algorithm Suite provides users a method to verify the integrity of the received GPS data and ranging signals, thereby improving resiliency against potential GPS signal loss.

check-your-pulse

This utility can help determine if indicators of compromise (IOCs) exist in the log files of a Pulse Secure VPN Appliance for CVE-2019-11510.

getgov

Building a new .gov registrar for a bright .gov future

postfix-docker

Docker container with a postfix server designed for use during phishing campaigns

dotgov-home

Homepage for the .gov registry

assessment-reporting-engine

skeleton-python-library

A skeleton project for quickly getting a new cisagov Python library started.

scanner

Automated pshtt, trustymail, and sslyze scanning

cyhy_amis

AWS infrastructure for Cyber Hygiene and BOD 18-01 scanning

skeleton-docker

A skeleton project for quickly getting a new cisagov Docker container started.

admiral

Distributed certificate transparency log harvester

icsnpp-opcua-binary

Zeek OPCUA Binary Parser - CISA ICSNPP

pe-reports

Automated process to build and distribute Posture & Exposure Reports' bi-weekly to customers.

icsnpp-enip

Zeek Ethernet/IP and CIP Parser - CISA ICSNPP

icsnpp-bacnet

Zeek BACnet Parser - CISA ICSNPP

ansible-role-clamav

Ansible role to install and enable the ClamAV virus scanner

lambda_functions

Generate AWS Lambda environment zip files for use by cisagov/domain-scan

icsnpp-s7comm

Zeek S7comm, S7comm-plus, and COTP Parser - CISA ICSNPP

network-architecture-verification-and-validation

The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs, automating Zeek analysis of PCAP files, the collation of Zeek logs and the dissection of conn.log and dns.log to create a summary or network traffic in an XLSX-formatted spreadsheet.

docker-kali-ansible

A systemd-enabled Kali Linux Docker image, in the spirit of geerlingguy/docker-debian11-ansible.

tic3.0

Collaborating on Trusted Internet Connection 3.0 use cases

icsnpp-genisys

Industrial Control Systems Network Protocol Parsers (ICSNPP) - Genisys over TCP/IP

gh-skeleton

This extension for the gh CLI provides the ability to easily start new projects from our existing library of skeleton repositories.

scoping-validation-tool

SVT is a tool that can be used to verify ownership and location of assets during the scoping process of a penetration test.

orchestrator

Orchestrate gatherer, scanner, saver, and trustymail_reporter

pshtt_reporter

Generate HTTPS reports based on scan data

cyhy-mailer

Email Cyber Hygiene, Trustworthy Email, and HTTPS reports to the appropriate technical or distribution addresses

trustymail_reporter

Generate Trustworthy Email reports based on scan data

pre-commit-packer

Provides pre-commit hooks for Packer projects.

nessus-packer

Create machine images containing the Nessus vulnerability scanner

domain-manager-api

Flask API for Domain Manager

gatherer

Gather domains as a precursor to scanning

certboto-docker

Certbot container that stores its configuration in an AWS S3 bucket

icsnpp-modbus

Zeek Modbus Extension Scripts - CISA ICSNPP

ansible-role-kali

An Ansible role for provisioning kali

aws-profile-sync

Synchronize AWS credential profiles from remote sources

icsnpp-dnp3

Zeek DNP3 Extension Scripts - CISA ICSNPP

dmarc-import

A tool for parsing DMARC aggregate reports.

icsnpp-bsap-ip

Zeek BSAP over IP Parser - CISA ICSNPP

CISASuite

The CSET, Malcom, Con-PCA suite of tools

skeleton-generic

A generic skeleton project for quickly getting a new cisagov project started.

icsnpp-ethercat

Zeek Ethercat Parser - CISA ICSNPP

Sogu

This script generates a list of possible SOGU filenames based on serial numbers of active drives. It has the added functionality of searching each drive from the generated file list.

PNT-Integrity-Toolkit

The PNT Integrity DIY Toolkit describes how a perspective end-user of the PNT Integrity Library can assemble a demonstrational toolkit with commercial-off-the-shelf (COTS) hardware.

travis-wait-improved

A tool to help long-running, yet reticent, processes avoid death at the hands of Traivs-CI.

con-pca-api

API Docker Container for Con-PCA

.dotfiles

Generic set of dotfiles to get you started with a cisagov development environment

domain-manager-ui

UI for the Domain Manager

pen-testing-findings

A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that may be discovered during a penetration test.

vulnerable-instances

Virtual machines that are set up with a variety of known vulnerabilities.

scan-target-data

Contains data used to identify targets for scanning

openvpn-server-tf-module

Terraform module to create an OpenVPN server instance

ansible-role-burp-suite-pro

An Ansible role for installing Burp Suite Professional

con-pca-web

The website source and terraform code for continuous phishing assessment.

security-contact-finder

Making government security contacts accessible

con-pca-cicd

continuous phishing main repository

flare-misp-service

Automate the regular transfer of AIS data into a MISP Server

saver

Save scan results to a database

megazord-composition

ansible-role-openvpn

Ansible role to install an OpenVPN server and configure it to authenticate users certificates against FreeIPA.

ansible-role-amazon-efs-utils

An Ansible role for installing aws/efs-utils

awssh

Tool to simplify secure shell connections over AWS simple systems manager.

sslyze-lambda

AWS Lambda function for sslyze

cyhy-core

ncats-data-dictionary

cool-assessment-terraform

Terraform to deploy an assessment environment to the COOL