Add your IoCs to your antivirus and firewall consoles by sending a message. The Bot will take care of the hard work.
You can also stay up to date with each day's list of vulnerabilities.
git clone git@github.com:safernandez666/TelegramBot.git
docker build -t bot .
docker run -e TOKEN_TELEGRAM="YOUR_TELEGRAM_TOKEN" -e TOKEN_VULDB="YOUR_VULDB_TOKEN" bot
Dialogue between the Bot and the operator, in which you are informed of the addresses to parse and push to the consoles.
Depending on the integration you want (CrowdStrike, Trend Micro, Palo Alto, etc.), you can develop the corresponding method in engine.py once the parsing is done.
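A validation step that could sit between the parsing and a console method in engine.py, shown as an added example and not code from this repository. The function names, the accepted indicator types (IP, domain, MD5/SHA-1/SHA-256) and the defanging rules are assumptions.

```python
import ipaddress
import re

# Hypothetical helpers for illustration; names are not from the TelegramBot repo.
HASH_KINDS = {32: "md5", 40: "sha1", 64: "sha256"}
DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")


def refang(token):
    """Undo common defanging (hxxp, [.], (.), [:]) so the value can be validated."""
    token = re.sub(r"^hxxp", "http", token.strip(",;<>"), flags=re.I)
    return token.replace("[.]", ".").replace("(.)", ".").replace("[:]", ":")


def classify(token):
    """Return (kind, value) for a blockable indicator, or ("rejected", reason)."""
    value = refang(token).lower()
    if re.fullmatch(r"[0-9a-f]+", value) and len(value) in HASH_KINDS:
        return HASH_KINDS[len(value)], value
    host = re.sub(r"^https?://", "", value).split("/")[0]
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None:
        # Guard: never push internal, loopback or reserved ranges to a block list.
        if not ip.is_global:
            return "rejected", f"{host}: non-routable address"
        return "ip", str(ip)
    host = host.split(":")[0]  # drop an optional port before the domain check
    if DOMAIN_RE.match(host):
        return "domain", host
    return "rejected", f"{token}: not a recognised indicator"


def parse_message(text):
    """Split an operator message into accepted indicators and rejected tokens."""
    accepted, rejected = [], []
    for token in text.split():
        kind, value = classify(token)
        if kind == "rejected":
            rejected.append(value)
        elif (kind, value) not in accepted:  # de-duplicate repeated indicators
            accepted.append((kind, value))
    return accepted, rejected


# Constructed sample message; the values are placeholders, not real indicators.
SAMPLE = ("hxxp://evil[.]example[.]com/payload 1[.]2[.]3[.]4 10.0.0.5 "
          "D41D8CD98F00B204E9800998ECF8427E 1.2.3.4")
```

Replying to the operator with the rejected list before anything is pushed keeps a mistyped or internal address out of the firewall block list.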
To query the VulDB API and obtain the CVEs, you must create a user and obtain an API key. You can filter by vendor by modifying your scope.
You can change the time the message is sent by modifying the following call in send.py.
By default the message will be sent at 09:00 AM.
schedule.every().day.at("09:00").do(send_message, token, chat_id, get_notification())
Now you can have coffee ☕ checking what vulnerability should be addressed.
To send the message, you need the chat_id. You can obtain it as follows.
https://api.telegram.org/bot<YourBOTToken>/getUpdates
Or add @get_id_bot and ask! I hope it helps you; remember that I am not a Dev.