Windows Audit
Audit Windows host via installed KB¶
Fast audit Windows hosts for installed security KB. Windows audit requires OS version + list of installed updates (KB).
- The OS version can be obtained from systeminfo;
- The list of installed updates is also via systeminfo or via wmic qfe list.
Query:
POST /api/v3/audit/kb/
Query example:
curl -XPOST https://vulners.com/api/v3/audit/kb/ -H 'Content-Type: application/json' -d '{
"os": "Windows Server 2012 R2",
"kbList": ["KB4072650", "KB2959936", "KB2894856", "KB2896496"],
"apiKey": "{API key}"
}'
win_vulners = vulners_api.kbAudit(
os="Windows Server 2012 R2", kb_list=["KB4072650", "KB2959936", "KB2894856", "KB2896496"])
need_2_install_kb = win_vulners['kbMissed']
affected_cve = win_vulners['cvelist']
[
"KB3165270",
"KB3159398",
"KB4048961",
"KB4592484",
"KB3165191",
"KB3171910",
"KB4074597",
"KB3134228",
"KB3110329",
"KB3124605",
"KB3061512",
"KB2973351",
"KB3164028",
"KB3138938",
"KB3143141",
"KB3046017",
"KB4343888",
"KB3156059",
"KB2933826",
"KB4467703",
"KB3010788",
"KB4512489",
"KB4462941",
"KB4462901",
"KB3161958",
"KB2909210",
"KB3139914",
"KB3178466",
"KB3030377",
"KB2975689",
"KB3105864",
"KB3108371",
"KB3119075",
"KB3199647",
"KB3022777",
"KB2962478",
"KB4010319",
"KB2969259",
"KB3148528",
"KB4499165",
"KB3143145",
"KB3178465",
"KB3143142",
"KB2975625",
"KB3116162",
"KB3045755",
"KB3178539",
"KB3143081",
"KB4013075",
"KB4471322",
"KB4493467",
"KB3080129",
"KB4586823",
"KB4013076",
"KB2984615",
"KB3156754",
"KB3205400",
"KB3170005",
"KB3082089",
"KB2962073",
"KB3072631",
"KB3164065",
"KB3059317",
"KB4487028",
"KB4486459",
"KB4578623",
"KB2962488",
"KB3108604",
"KB3089656",
"KB3199173",
"KB3143148",
"KB4013389",
"KB3104521",
"KB4010320",
"KB3148527",
"KB4457143",
"KB4537803",
"KB4541505",
"KB3177393",
"KB3204066",
"KB4088879",
"KB3143136",
"KB4503290",
"KB3039976",
"KB3146723",
"KB3102939",
"KB3134811",
"KB3186973",
"KB4022717",
"KB4566371",
"KB3096447",
"KB3192892",
"KB4013082",
"KB4490128",
"KB4556853",
"KB3179577",
"KB3167691",
"KB4010321",
"KB2962490",
"KB3136041",
"KB4507704",
"KB2962485",
"KB3136082",
"KB3187754",
"KB3155784",
"KB3188733",
"KB3055642",
"KB3089669",
"KB3188724",
"KB2966061",
"KB3143146",
"KB4489883",
"KB4507457",
"KB4525250",
"KB3104503",
"KB4025333",
"KB3075220",
"KB3021674",
"KB4056898",
"KB2967487",
"KB3164302",
"KB3097966",
"KB2912390",
"KB2975685",
"KB3011443",
"KB3050995",
"KB3036220",
"KB3083992",
"KB4338824",
"KB4038793",
"KB2909158",
"KB3156016",
"KB3124901",
"KB3082458",
"KB3192884",
"KB3161949",
"KB3019978",
"KB3199135",
"KB3123479",
"KB3197873",
"KB2928120",
"KB3020393",
"KB3138962",
"KB3162343",
"KB3193479",
"KB4284878",
"KB3154846",
"KB3177404",
"KB2892074",
"KB3163622",
"KB3000483",
"KB3109103",
"KB4093115",
"KB3164294",
"KB3086255",
"KB3199120",
"KB3038680",
"KB4010318",
"KB2975684",
"KB3156017",
"KB4586768",
"KB3207328",
"KB3193706",
"KB3126434",
"KB4592495",
"KB3046339",
"KB2957189",
"KB4519108",
"KB4480964",
"KB2919355",
"KB3178467",
"KB4468323",
"KB3076949",
"KB4501226",
"KB2975681",
"KB3185848",
"KB3042058",
"KB3080348",
"KB3143118",
"KB3035126",
"KB3124584",
"KB3033889",
"KB4054522",
"KB2961899",
"KB4530730",
"KB4013074",
"KB4557900",
"KB3045685",
"KB4565540",
"KB4561673",
"KB3133043",
"KB2977292",
"KB4013078",
"KB3042553",
"KB4577071",
"KB3155520",
"KB3109560",
"KB3178469",
"KB4013083",
"KB4534309",
"KB4516064",
"KB3169704",
"KB2972621",
"KB2982998",
"KB4103715",
"KB4519990",
"KB3072000",
"KB3193227",
"KB3156987",
"KB4566425",
"KB2961908",
"KB4019213",
"KB3158222",
"KB3116130",
"KB4015547",
"KB4013081",
"KB3084135",
"KB4034672",
"KB3148522",
"KB2961858",
"KB3025421",
"KB4580325",
"KB3182248",
"KB3041836",
"KB4580358",
"KB3057110",
"KB3205651",
"KB2934418",
"KB3057191",
"KB3134700",
"KB3178034",
"KB3204063",
"KB4041687",
"KB2893294",
"KB3139398",
"KB3088903",
"KB3155451",
"KB3203859",
"KB2965161",
"KB3082487",
"KB3004361",
"KB3089657",
"KB3091287",
"KB3138910",
"KB3046359",
"KB3092601",
"KB4550970",
"KB3192392",
"KB2862152",
"KB3164036",
"KB2962486",
"KB3195360",
"KB3164038",
"KB3096443",
"KB3105256",
"KB3171481",
"KB3078662",
"KB3185879",
"KB3148541",
"KB4012213",
"KB3071756",
"KB4502496"
]
[
"CVE-2017-0055 ",
"CVE-2016-0195",
"CVE-2017-0095",
"CVE-2015-0008",
"CVE-2017-0039",
"CVE-2016-0101",
"CVE-2015-1702",
"CVE-2014-1767",
"CVE-2016-3374",
"CVE-2017-0001",
"CVE-2016-7226",
"CVE-2015-2461",
"CVE-2015-2423",
"CVE-2015-2515",
"CVE-2014-0318",
"CVE-2016-0044",
"CVE-2016-3223",
"CVE-2017-5715",
"CVE-2016-3258",
"CVE-2014-6332",
"CVE-2016-3263",
"CVE-2015-6101",
"CVE-2016-0073",
"CVE-2016-3218",
"CVE-2014-0317",
"CVE-2016-3301",
"CVE-2016-0090",
"CVE-2016-3340",
"CVE-2017-0042",
"CVE-2014-1817",
"CVE-2016-7257",
"CVE-2016-0038",
"CVE-2016-0178",
"CVE-2018-12207",
"CVE-2016-7247",
"CVE-2017-0090",
"CVE-2016-3310",
"CVE-2016-0171",
"CVE-2015-0004",
"CVE-2016-3266",
"CVE-2016-3396",
"CVE-2018-3646",
"CVE-2016-3250",
"CVE-2016-3203",
"CVE-2016-3286",
"CVE-2016-0020",
"CVE-2018-3639",
"CVE-2015-1756",
"CVE-2014-2780",
"CVE-2017-0072",
"CVE-2017-0080",
"CVE-2017-0109",
"CVE-2015-2369",
"CVE-2015-0009",
"CVE-2016-7191",
"CVE-2015-1643",
"CVE-2017-0024",
"CVE-2017-0043",
"CVE-2017-0076",
"CVE-2015-2550",
"CVE-2017-0005",
"CVE-2016-0133",
"CVE-2016-0167",
"CVE-2016-0093",
"CVE-2017-0092",
"CVE-2017-0083",
"CVE-2016-3308",
"CVE-2015-0073",
"CVE-2014-2814",
"CVE-2016-3306",
"CVE-2015-6128",
"CVE-2020-17049",
"CVE-2015-6102",
"CVE-2017-0147",
"CVE-2016-3341",
"CVE-2015-2368",
"CVE-2016-0173",
"CVE-2016-0015",
"CVE-2015-2528",
"CVE-2016-7272",
"CVE-2015-2552",
"CVE-2016-7273",
"CVE-2016-0008",
"CVE-2016-3373",
"CVE-2015-2433",
"CVE-2017-0098",
"CVE-2016-3368",
"CVE-2016-3221",
"CVE-2016-3300",
"CVE-2016-3228",
"CVE-2016-0143",
"CVE-2015-1680",
"CVE-2018-12127",
"CVE-2017-0038",
"CVE-2016-0051",
"CVE-2016-3251",
"CVE-2016-3225",
"CVE-2017-0108",
"CVE-2017-0146",
"CVE-2017-8563",
"CVE-2017-0088",
"CVE-2016-3262",
"CVE-2016-0009",
"CVE-2014-1819",
"CVE-2017-0078",
"CVE-2014-4078",
"CVE-2015-2511",
"CVE-2016-3249",
"CVE-2016-0096",
"CVE-2018-3665",
"CVE-2015-2519",
"CVE-2016-7217",
"CVE-2016-0079",
"CVE-2016-3254",
"CVE-2016-0180",
"CVE-2016-3302 ",
"CVE-2016-7256",
"CVE-2019-1318",
"CVE-2016-7218",
"CVE-2016-7182",
"CVE-2017-0056",
"CVE-2016-3304",
"CVE-2016-3311",
"CVE-2015-2432",
"CVE-2017-0074",
"CVE-2015-2460",
"CVE-2016-0175",
"CVE-2017-0073",
"CVE-2015-0059",
"CVE-2015-2463",
"CVE-2016-3252",
"CVE-2017-0091",
"CVE-2016-3334",
"CVE-2015-6133",
"CVE-2017-0060",
"CVE-2015-0003",
"CVE-2017-0062",
"CVE-2014-2781",
"CVE-2016-7295",
"CVE-2016-3372",
"CVE-2016-0041",
"CVE-2016-3371",
"CVE-2017-0096",
"CVE-2016-3201",
"CVE-2015-6107",
"CVE-2017-0144",
"CVE-2016-3213",
"CVE-2015-2431",
"CVE-2015-1701",
"CVE-2014-4064",
"CVE-2016-0197",
"CVE-2017-0014",
"CVE-2015-6095",
"CVE-2015-2453",
"CVE-2017-0026",
"CVE-2016-7259",
"CVE-2015-2508",
"CVE-2016-3320",
"CVE-2015-2516",
"CVE-2015-6104",
"CVE-2016-7214",
"CVE-2015-6175",
"CVE-2016-7224",
"CVE-2017-0081",
"CVE-2016-0151",
"CVE-2015-6171",
"CVE-2015-2473",
"CVE-2016-0145",
"CVE-2015-2456",
"CVE-2017-0023",
"CVE-2019-1125",
"CVE-2014-1807",
"CVE-2015-2514",
"CVE-2015-0058",
"CVE-2015-2476",
"CVE-2016-3219",
"CVE-2015-2472",
"CVE-2017-0061",
"CVE-2016-0176",
"CVE-2016-0014",
"CVE-2016-7225",
"CVE-2016-3272",
"CVE-2017-0075",
"CVE-2015-0006",
"CVE-2016-0181",
"CVE-2016-0070",
"CVE-2016-7255",
"CVE-2016-0006",
"CVE-2015-1679",
"CVE-2016-0117",
"CVE-2016-0196",
"CVE-2015-2434",
"CVE-2016-0147",
"CVE-2016-0088",
"CVE-2015-2530",
"CVE-2018-12130",
"CVE-2015-0014",
"CVE-2015-0096",
"CVE-2016-3342",
"CVE-2016-0058",
"CVE-2015-2507",
"CVE-2020-1036",
"CVE-2015-6126",
"CVE-2017-0089",
"CVE-2016-3335",
"CVE-2014-0263",
"CVE-2013-5056",
"CVE-2016-7246",
"CVE-2016-3287",
"CVE-2016-0036",
"CVE-2015-0081",
"CVE-2015-2362",
"CVE-2016-3270",
"CVE-2016-0120",
"CVE-2016-3227",
"CVE-2019-11091",
"CVE-2017-0079",
"CVE-2017-0148",
"CVE-2015-1769",
"CVE-2016-3215",
"CVE-2015-2506",
"CVE-2016-3232",
"CVE-2016-3309",
"CVE-2016-3355",
"CVE-2016-0016",
"CVE-2016-0049",
"CVE-2016-3345",
"CVE-2015-2478",
"CVE-2017-0104",
"CVE-2017-0022 ",
"CVE-2016-3209",
"CVE-2017-0113",
"CVE-2016-3348",
"CVE-2015-1678",
"CVE-2017-0050",
"CVE-2016-7210",
"CVE-2016-3236",
"CVE-2015-1671",
"CVE-2017-0145",
"CVE-2017-0112",
"CVE-2016-0121",
"CVE-2015-2435",
"CVE-2016-3343",
"CVE-2016-3216",
"CVE-2016-0099",
"CVE-2016-3319",
"CVE-2015-1635",
"CVE-2015-2554",
"CVE-2015-2459",
"CVE-2015-6103",
"CVE-2016-7223",
"CVE-2014-1824",
"CVE-2016-0128",
"CVE-2015-2527",
"CVE-2018-0886",
"CVE-2016-3220",
"CVE-2015-2518",
"CVE-2016-3305",
"CVE-2016-3239",
"CVE-2015-2517",
"CVE-2015-2524",
"CVE-2016-0019",
"CVE-2015-0010",
"CVE-2015-0076",
"CVE-2015-2458",
"CVE-2017-0111",
"CVE-2016-3356",
"CVE-2014-1812",
"CVE-2016-3338",
"CVE-2016-3349",
"CVE-2016-7260",
"CVE-2015-2529",
"CVE-2020-1346",
"CVE-2016-3370",
"CVE-2016-3352",
"CVE-2015-0057",
"CVE-2015-0079",
"CVE-2017-0082",
"CVE-2018-12126",
"CVE-2017-0047",
"CVE-2017-0097",
"CVE-2016-0168",
"CVE-2015-2454",
"CVE-2015-1676",
"CVE-2016-0095",
"CVE-2016-3303",
"CVE-2016-0042",
"CVE-2017-0025",
"CVE-2015-2553",
"CVE-2017-0116",
"CVE-2016-7185",
"CVE-2015-6108",
"CVE-2016-0179",
"CVE-2014-0296",
"CVE-2014-0255",
"CVE-2016-7184",
"CVE-2017-0100",
"CVE-2015-2455",
"CVE-2015-2513",
"CVE-2014-1811",
"CVE-2015-0060",
"CVE-2016-3369",
"CVE-2016-0007",
"CVE-2017-0143",
"CVE-2017-5754",
"CVE-2017-0021",
"CVE-2016-0046",
"CVE-2016-0169",
"CVE-2014-1816",
"CVE-2016-3354",
"CVE-2015-2471",
"CVE-2016-0026",
"CVE-2016-7205",
"CVE-2016-3238",
"CVE-2016-0048",
"CVE-2017-0057",
"CVE-2015-0075",
"CVE-2017-0051",
"CVE-2016-0091",
"CVE-2015-2502",
"CVE-2015-6106",
"CVE-2016-3333",
"CVE-2015-6173",
"CVE-2016-0092",
"CVE-2017-0115",
"CVE-2017-0086",
"CVE-2016-0184",
"CVE-2016-3346",
"CVE-2019-11135",
"CVE-2016-0018",
"CVE-2016-0118",
"CVE-2016-3393",
"CVE-2016-0094",
"CVE-2016-3237",
"CVE-2016-3230",
"CVE-2015-6132",
"CVE-2016-3332",
"CVE-2017-00016",
"CVE-2015-2462",
"CVE-2015-2546",
"CVE-2016-0089",
"CVE-2016-0050",
"CVE-2017-0084",
"CVE-2014-1814",
"CVE-2017-0114",
"CVE-2015-6100",
"CVE-2015-2534",
"CVE-2015-6113",
"CVE-2015-6111",
"CVE-2016-0165",
"CVE-2015-0016",
"CVE-2017-0117",
"CVE-2015-2465",
"CVE-2015-2512",
"CVE-2018-3620",
"CVE-2014-0256",
"CVE-2015-2440",
"CVE-2016-3376",
"CVE-2015-1670",
"CVE-2015-2548",
"CVE-2016-0098",
"CVE-2015-2510",
"CVE-2017-0087",
"CVE-2017-0007",
"CVE-2016-0174",
"CVE-2016-0040",
"CVE-2015-2525",
"CVE-2015-0084",
"CVE-2015-1677",
"CVE-2016-0075",
"CVE-2017-0063",
"CVE-2015-6174",
"CVE-2017-0099",
"CVE-2017-0085",
"CVE-2019-2102",
"CVE-2015-2361",
"CVE-2016-0170",
"CVE-2016-0142",
"CVE-2015-6109",
"CVE-2014-1818",
"CVE-2015-2464",
"CVE-2015-1644",
"CVE-2015-2549",
"CVE-2014-6352",
"CVE-2013-3900",
"CVE-2016-7215",
"CVE-2016-0190",
"CVE-2016-3375",
"CVE-2016-7274"
]
Get Windows KB superseeding/parentseeding data¶
If you need more information about KB after previous method. Superseeding information will be returned as dict with two fields: 'superseeds', 'parentseeds'.
- Superseeds means "what KB are covered by this KB".
- Parentseeds means "what KB are covering this KB".
Query:
POST /api/v3/search/id/
Query example:
curl -XPOST https://vulners.com/api/v3/search/id/ -H 'Content-Type: application/json' -d '{
"id": "KB4524135",
"fields": ["superseeds", "parentseeds"],
"apiKey": "{API key}"
}'
superseeds = vulners_api.kbSuperseeds("KB4524135")
# Yes, not entirely obvious and logical. Returns dicts with superseeds and parentseeds.
{
"superseeds": [
"KB3021952",
"KB4103768",
"KB2699988",
"KB3100773",
"KB931768",
"KB4466536",
"KB4343205",
"KB896688",
"KB4462949",
"KB2977629",
"KB2817183",
"KB972260",
"KB4457426",
"KB980182",
"KB929969",
"KB4470199",
"KB2544521",
"KB4511872",
"KB2744842",
"KB2879017",
"KB2497640",
"KB2360131",
"KB4025252",
"KB2829530",
"KB4047206",
"KB3093983",
"KB4507434",
"KB4056568",
"KB960714",
"KB2530548",
"KB3203621",
"KB833989",
"KB2761451",
"KB3139929",
"KB4339093",
"KB4483187",
"KB969897",
"KB910620",
"KB942615",
"KB956390",
"KB937143",
"KB4052978",
"KB2416400",
"KB4018271",
"KB2987107",
"KB2870699",
"KB982381",
"KB2183461",
"KB2586448",
"KB958215",
"KB963027",
"KB2862772",
"KB4012204",
"KB4036586",
"KB3175443",
"KB933566",
"KB947864",
"KB2647516",
"KB4486474",
"KB944533",
"KB2976627",
"KB4074736",
"KB2792100",
"KB905915",
"KB922760",
"KB4489873",
"KB883939",
"KB2797052",
"KB2909212",
"KB4230450",
"KB3003057",
"KB4092946",
"KB2963952",
"KB978207",
"KB4034733",
"KB939653",
"KB976325",
"KB3154070",
"KB4040685",
"KB3038314",
"KB928090",
"KB2675157",
"KB4493435",
"KB3197655",
"KB896727",
"KB3034196",
"KB3049563",
"KB3032359",
"KB2618444",
"KB974455",
"KB938127",
"KB2838727",
"KB3148198",
"KB3191492",
"KB3170106",
"KB2559049",
"KB2809289",
"KB3058515",
"KB4014661",
"KB4516046",
"KB950759",
"KB925486",
"KB3036197",
"KB3124275",
"KB2799329",
"KB3008923",
"KB3078071",
"KB953838",
"KB3065822",
"KB2722913",
"KB4021558",
"KB3104002",
"KB912812",
"KB918899",
"KB2482017",
"KB3160005",
"KB2962872",
"KB4096040",
"KB916281",
"KB3185319",
"KB3087038",
"KB4480965",
"KB2761465",
"KB4089187",
"KB2846071",
"KB890923",
"KB4503259",
"KB4498206",
"KB3134814"
],
"parentseeds": [
"KB4571687",
"KB4534251",
"KB4540671",
"KB4586768",
"KB4519974",
"KB4525106",
"KB4530677",
"KB4556798",
"KB4565479",
"KB4561603",
"KB4537767",
"KB4550905",
"KB4577010"
]
}
Get list of Windows KB updates with download urls¶
Query:
POST /api/v3/search/lucene/
Query example:
curl -XPOST https://vulners.com/api/v3/search/lucene/ -H 'Content-Type: application/json' -d '{
"query": "type:msupdate AND kb:(KB4524135)",
"skip": 0,
"size": 100,
"fields": [
"id",
"title",
"description",
"type",
"bulletinFamily",
"cvss",
"published",
"modified",
"lastseen",
"href",
"sourceHref",
"sourceData",
"cvelist"],
"apiKey": "{API key}"
}'
microsoft_updates_for_kb = vulners_api.kbUpdates("KB4524135")
updates_download_links = [update.get('href') for update in microsoft_updates_for_kb]
[
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=ef31383a-7932-441a-a626-f0a145cc422a",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=18552c40-7e36-4f15-960a-9717a4912af1",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=375f016c-b4ac-4d71-9dee-8095427a3c86",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=2ca3d95f-1ecb-4850-aeb4-afb63cd6374a",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=72890150-da44-47b2-b1b5-7dce2d5d1a30",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=fba96f27-5955-45e1-82e5-ad350b4627e0",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=9668152f-78a1-44f9-a229-38e86189703a",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=e08d28ef-d685-412c-b0bc-8cc26bf899c3",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=a22dcbac-485a-4834-8556-fee2e437ab9b",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=db62995c-3814-4fd7-a481-dc285f0640e2",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=16216817-6043-4587-a803-9b3a9f3a58cc",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=393d67e1-8827-4c6d-9187-b6320a9a03bc",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=b18abca1-c8ec-4e43-9fa0-cc2b2a518304",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=96c42c78-234b-4ae7-b097-be0eb8ac6f25",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=63cc9ae6-6d02-4936-8b77-b976b440ff25",
"https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=2661795f-8beb-468f-9c4f-0de83724a90f"
]