Skip to content
This repository has been archived by the owner on May 15, 2024. It is now read-only.

Parser for the JSON database included in metasploit-framework that emits a CSV file of modules keyed by vulnerability IDs and references. NOTE: Superseded by git_vul_driller linked below.

License

Notifications You must be signed in to change notification settings

CERTCC/metasploit_json_parser

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Important

This project has been superseded by the parse_metasploit_metadata.py in our git_vul_driller project.

Metasploit Database Parser

The open-source metasploit framework https://github.com/rapid7/metasploit-framework contains a JSON database listing each module within the tool along with a list of references to source URLs, vulnerability IDs, etc.

The code in this repository performs the following tasks:

  1. Clones or pulls the latest metasploit code from github
  2. Parses the JSON database
  3. Extracts the relevant data from the JSON database
  4. Emits two CSV files:
    • A complete list of every file with every reference
    • A list of only CVE references and accompanying files

Usage

Clone this repository.

git clone <clone_url_for_this_repo>

Check out the branch you want (main or develop depending on your bug tolerance)

git checkout <branch>

Use of a virtual environment such as anaconda is highly recommended to avoid polluting your native python installation with potentially incompatible packages.

This script was written using python 3.9. It should probably work for any version 3 python interpreter, although I make no guarantees of that.

conda create --name myenv python=3.9
conda activate myenv
pip install -r requirements.txt

Edit the config.yaml as needed.

Run main.py

python main.py

Skim the output, or have a look at the resulting CSV files (in ./DATA by default).

About

Parser for the JSON database included in metasploit-framework that emits a CSV file of modules keyed by vulnerability IDs and references. NOTE: Superseded by git_vul_driller linked below.

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Languages