Skip to content

simtape/vulnerability-correlations

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.gitignore
.gitignore
 
 
API-calls-vulnerablecode.py
API-calls-vulnerablecode.py
 
 
README.md
README.md
 
 
data-processing.py
data-processing.py
 
 

Repository files navigation

Vulnerability correlations

Scripts used to process data and stream on Gephi. The studies have as main goal the facilization of the creation of a network analysis based on the vulnerabilities in packages. The data used has been retrieved from the opensource database https://public.vulnerablecode.io/ The network created have as nodes the packages and the edges the vulnerabilities that two packages share.

API-calls-vulnerablecode

This file has some functions that help to retrieve data from vulnerablecode, using the endpoints provided by the database, searching by package or by vulnerability.

data-processing

grouping_by_packages()

Takes as input the filepath of the API calls response by package and create a JSON file where the keys are the packages and each package has an array with its vulnerabilities.

stream_packages_as_nodes(filepath: str)

Takes as input the filepath of the JSON package/vulnerabilities produced by the function grouping_by_packages() and streams, on Gephi, the packages as nodes and the vulnerabilities as edges.

Requirements

Gephi < v. 10.0.0

plugin Gephistream for Gephi

GephiStreamer https://pypi.org/project/GephiStreamer/

About

Network analysis of vulnerabilities in packages

Topics

python3 data-analysis gephi network-analysis

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages