nexB
fedcode-next: Code pipeline and models to continuously collect related PoC for exploits of a vulnerability
To get this data, there are existing basic sources that we have already integrated. We should find more exploits in GitHub repos, and extract more data from existing sources.
This might be a good starting point:
- https://github.com/ycdxsb/PocOrExp_in_Github
- https://github.com/nomi-sec/PoC-in-GitHub
- We can import these POCs, these POCs will go into a separate table ( maybe same base as exploits) and will not be stored as exploits
- We will have boolean field "is_confirmed" by default False, and once someone reviews its True
@TG1999 @pombredanne
We have two options for importing this data:
-
Create our own GitHub repository and run a CI action to automatically collect PoCs from GitHub, similar to the script used here: https://github.com/ycdxsb/PocOrExp_in_Github/blob/main/exp.py#L99
-
Import data from one of the existing repositories below.
let's start with a trying to import one of these repos:
-
https://github.com/nomi-sec/PoC-in-GitHub This repository stores its data in JSON that includes details such as forks, stars, and more. However, it has no license, and the update rate is slow
-
https://github.com/ycdxsb/PocOrExp_in_Github This repository stores its data in a README.md, so the only extractable information is the PoC Git repository URLs. It is licensed under the MIT license.
For the model design: I think we should store this in a separate table since it doesn't fit the AdvisoryExploit model: https://github.com/aboutcode-org/vulnerablecode/blob/main/vulnerabilities/models.py#L3299C7-L3299C22
Or we could create a base model for exploits and put the common fields there.
class AdvisoryPOC(models.Model):
advisory = models.ForeignKey(
"AdvisoryV2",
related_name="pocs",
on_delete=models.CASCADE,
)
created_at = models.DateTimeField(null=True, blank=True)
updated_at = models.DateTimeField(null=True, blank=True)
url = models.URLField()
is_confirmed = models.BooleanField(default=False)