API reference¶
Python 3 library for the Vulners Perimeter Scanner. It provides basic project management and data retrieval API for the automation and integration purposes.
Requirements¶
-
Python: Library was tested on a python3.
-
API key: Please, sign up at Vulners. Go to the personal menu by clicking at your name at the right top corner. Follow
API KEYStab. Generate API key with scope "api" and use it with the library.
Disclaimer¶
In examples below localhost is used as IP address, but Perimeter Scanner works only with public hosts. Also uuides are shortened in examples, not in real data.
Getting started¶
All the callable methods are using Vulners REST API. Automate your audit routines with Vulners. To get started you need to know your license id and control api quota left:
import vulners
vulners_api = vulners.VulnersVscanner(api_key="YOUR_API_KEY_HERE")
license_id = vulners_api.license()
license_quota = vulners_api.quota(license_id[0])
{
"licenseList": [
{
"id": "e0671ce0-..-bbb",
"type": "free",
"expiration": "2999-01-01T00:00:00"
},
{
"id": "d4657eb6-..-9d7",
"type": "vnmap-professional",
"expiration": "2022-04-15T00:00:00"
},
{
"id": "319b1ad1-..-45d",
"type": "professional",
"expiration": "2022-04-15T00:00:00"
}
]
}
{
"daily_quota": 102400,
"hourly_quota": 10240
}
Project management¶
To get started you should create new project. Project has three required parameters: name, notification and license id. Notification is an object, containing options such as period ("disabled", "asap", "hourly" or "daily") and method (via either or both email and slack). You can use method notification to create notification object, or method disabled_notification if you don't want to get notifications. So create new project with this code:
Create project¶
notification = vulners_api.notification("daily",
['email1@gmail.com'],
["https://hooks.slack.com/services/..."])
# if no notifications needed
# notification = vulners_api.disabled_notification()
project = vulners_api.project(project_name="my project",
license="0305fbd1-..-8a7",
notification=notification)
{
"_id": "4e0a9778-..-4d0",
"name": "my project",
"owner": "e5bc65b8-..-675",
"license": {
"id": "0305fbd1-..-8a7",
"name": "vnmap-professional:7a11ad6558a7",
"exp": 1649970000.0,
"max_hosts": 256,
"max_tasks": 5,
"daily_quota": 102400,
"hourly_quota": 10240,
"timing": 3,
"ports": "False"
},
"tasks_count": 0,
"tasks": [],
"admins": [],
"viewers": [],
"notification": {
"period": "daily",
"email": ["email1@gmail.com"],
"slack": ["https://hooks.slack.com/services/..."]
}
}
Edit project¶
With method project you can also edit existing project parameters. To set new values you should additionally specify project id. You should specify all parameters explicitly, otherwise it will be overwritten.
project = vulners_api.project(project_id=project['_id'],
project_name="new project name",
license=project['license']['id'],
notification = project['notification']
)
{
"_id": "4e0a9778-..-4d0",
"name": "new project name",
"owner": "e5bc65b8-..-675",
"license": {
"id": "0305fbd1-..-8a7",
"name": "vnmap-professional:7a11ad6558a7",
"exp": 1649970000.0,
"max_hosts": 256,
"max_tasks": 5,
"daily_quota": 102400,
"hourly_quota": 10240,
"timing": 3,
"ports": "False"
},
"tasks_count": 0,
"tasks": [],
"admins": [],
"viewers": [],
"notification": {
"period": "daily",
"email": ["email1@gmail.com"],
"slack": ["https://hooks.slack.com/services/..."]
}
}
Get project data¶
Using this method, you can also get data about existing projects:
projects = vulners_api.projects()
[{
"_id": "4e0a9778-..-4d0",
"name": "new project name",
"owner": "e5bc65b8-..-675",
"license": {
"id": "0305fbd1-..-8a7",
"name": "vnmap-professional:7a11ad6558a7",
"exp": 1649970000.0,
"max_hosts": 256,
"max_tasks": 5,
"daily_quota": 102400,
"hourly_quota": 10240,
"timing": 3,
"ports": "False"
},
"tasks_count": 0,
"tasks": [],
"admins": [],
"viewers": [],
"notification": {
"period": "daily",
"email": ["email1@gmail.com"],
"slack": ["https://hooks.slack.com/services/..."]
}
}]
Delete project¶
To delete project you can use this method:
result = vulners_api.delete_project(project['_id'])
None in case of success, or error message
Task Management¶
Second step is creating tasks. Task schedules network scan. To create task you should specify parent project id, task name, list of networks, enabled flag and schedule string.
Schedule string is a crontab string. It is a set of five fields which represent the time to execute the task. Crontab string contains following fields
minutes[0-59] hours[0-23] day_of_month[1-31] month[1-12] day_of_week[1-7]
Crontab string construction is quite complicated for our API refference, so you can use this manual and generator: crontab guru
Here are some examples
'*/10 * * * *' means "Task will start every 10th minute"
'0 10 * * *' means "Task will start at 10am every day"
'0 10 1 5 *' means "Task will start at 10am every first day of May"
'0 10 * * 1' means "Task will start at 10am every monday"
Create new task¶
To create new task use following method:
first_task = vulners_api.task(project_id=project['_id'],
name="first task",
networks=['example.com', '127.0.0.1'],
schedule='* 10 * * 1',
enabled=True
)
{
"_id": "52d0f18b-..-b60",
"name": "first task",
"schedule": "* 10 * * 1",
"networks": [
"example.com",
"127.0.0.1"
],
"validated_networks": [
"127.0.0.1/32",
"127.0.0.1/32"
],
"enabled": "False",
"valid": "True",
"total_hosts": 1,
"project_id": "4e0a9778-..-4d0",
"license": {
"id": "0305fbd1-..-8a7",
"name": "vnmap-professional:7a11ad6558a7",
"exp": 1649970000.0,
"max_hosts": 256,
"max_tasks": 5,
"daily_quota": 102400,
"hourly_quota": 10240,
"timing": 3,
"ports": "False"
},
"next_run": 1621850400.0,
"last_run": 0,
"resolved": [
"127.0.0.1",
"example.com"
],
"state": "disabled"
}
Edit task¶
To modify task parameters you should also specify existing task id.
first_task = vulners_api.task(project_id=project['_id'],
name="first task",
networks=['example.com', '127.0.0.1'],
schedule='* 10 * * 2',
enabled=True,
task_id=first_task['_id']
)
{
"_id": "52d0f18b-..-b60",
"name": "first task",
"schedule": "* 10 * * 2",
"networks": [
"example.com",
"127.0.0.1"
],
"validated_networks": [
"127.0.0.1/32",
"127.0.0.1/32"
],
"enabled": "False",
"valid": "True",
"total_hosts": 1,
"project_id": "4e0a9778-..-4d0",
"license": {
"id": "0305fbd1-..-8a7",
"name": "vnmap-professional:7a11ad6558a7",
"exp": 1649970000.0,
"max_hosts": 256,
"max_tasks": 5,
"daily_quota": 102400,
"hourly_quota": 10240,
"timing": 3,
"ports": "False"
},
"next_run": 1621850400.0,
"last_run": 0,
"resolved": [
"127.0.0.1",
"example.com"
],
"state": "disabled"
}
Force task¶
When task is enabled, it will start according your schedule. If needed, task can be forced with method start_task like this
first_task = vulners_api.start_task(project_id=project['_id'],
task_id=first_task['_id']
)
{
"_id": "52d0f18b-..-b60",
"name": "first task",
"schedule": "* 10 * * 2",
"networks": [
"example.com",
"127.0.0.1"
],
"validated_networks": [
"127.0.0.1/32",
"127.0.0.1/32"
],
"enabled": "False",
"valid": "True",
"total_hosts": 1,
"project_id": "4e0a9778-..-4d0",
"license": {
"id": "0305fbd1-..-8a7",
"name": "vnmap-professional:7a11ad6558a7",
"exp": 1649970000.0,
"max_hosts": 256,
"max_tasks": 5,
"daily_quota": 102400,
"hourly_quota": 10240,
"timing": 3,
"ports": "False"
},
"next_run": 1621850400.0,
"last_run": 0,
"resolved": [
"127.0.0.1",
"example.com"
],
"state": "disabled"
}
Delete task¶
You can delete task with method delete_task.
result = vulners_api.delete_task(project_id=project['_id'],
task_id=first_task['_id'])
None in case of success, or error message
Reports¶
Get results¶
Final step is getting results. When task finishes, you can get scanning results. Just call method results with project id
result = vulners_api.result(project_id=projects[0]['project_id'])
{
"_id": "62d6eab7-..-92b",
"project_id": "4e0a9778-..-4d0",
"ip": "127.0.0.1",
"addr": 846214729,
"name": "example.com",
"resolved": "",
"published": "2021-04-15T13:59:03Z",
"scan_info": [
{
"port": "22",
"protocol": "tcp",
"service": "ssh",
"product": "OpenSSH",
"version": "8.2p1 Ubuntu 4ubuntu0.1",
"ostype": "Linux",
"extrainfo": "Ubuntu Linux; protocol 2.0",
"cpe": "cpe:/a:openbsd:openssh:8.2p1",
"vulnerabilities": [
{
"id": "CVE-2020-12062",
"cvss": 5.0
},
{
"id": "CVE-2020-14145",
"cvss": 4.3
},
{
"id": "CVE-2020-15778",
"cvss": 6.8
},
{
"id": "CVE-2021-28041",
"cvss": 4.6
},
{
"id": "MSF:AUXILIARY/SCANNER/SSH/FORTINET_BACKDOOR/",
"cvss": 0.0
}
]
}
]
}
Clean up results¶
Sometimes it may be useful to cleanup your data. You can delete scan results with method delete_results.
result = vulners_api.delete_results(project_id=project['_id'])
None in case of success, or error message