• Stars
    star
    174
  • Rank 219,104 (Top 5 %)
  • Language
    Python
  • Created about 1 year ago
  • Updated 3 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates.

PatchaPalooza

A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates.

image

🔗 Interactive Website

For more functionality I have built a live website:

image

📜 Description

PatchaPalooza uses the power of Microsoft's MSRC CVRF API to fetch, store, and analyze security update data. Designed for cybersecurity professionals, it offers a streamlined experience for those who require a quick yet detailed overview of vulnerabilities, their exploitation status, and more. This tool operates entirely offline once the data has been fetched, ensuring that your analyses can continue even without an internet connection.

🌟 Features

  • Retrieve Data: Fetches the latest security update summaries directly from Microsoft.
  • Offline Storage: Stores the fetched data for offline analysis.
  • Detailed Analysis: Analyze specific months or get a comprehensive view across months.
  • CVE Details: Dive deep into specifics of a particular CVE.
  • Exploitation Overview: Quickly identify which vulnerabilities are currently being exploited.
  • CVSS Scoring: Prioritize your patching efforts based on CVSS scores.
  • Categorized Overview: Get a breakdown of vulnerabilities based on their types.

🚀 Usage

Run PatchaPalooza without arguments to see an analysis of the current month's data:

python PatchaPalooza.py

For a specific month's analysis:

python PatchaPalooza.py --month YYYY-MMM

To display a detailed view of a specific CVE:

python PatchaPalooza.py --detail CVE-ID

To update and store the latest data:

python PatchaPalooza.py --update

For an overall statistical overview:

python PatchaPalooza.py --stats

📋 Requirements

  • Python 3.x
  • Requests library
  • Termcolor library

👏 Credits

This tool is built upon the Microsoft's MSRC CVRF API and is inspired by the work of @KevTheHermit.

📌 Author

Alexander Hagenah

⚠️ Disclaimer

This tool is meant for educational and professional purposes only. No license, so do with it whatever you like.