Metadata-Version: 2.4
Name: vulnerability-analyzer
Version: 1.2.0
Summary: Advanced vulnerability analysis library with comprehensive security intelligence (Python module: vulnerability_analyzer)
Author: D14b0l1c
License-Expression: MIT
Project-URL: Homepage, https://github.com/D14b0l1c/vulnerability-analyzer
Project-URL: Documentation, https://github.com/D14b0l1c/vulnerability-analyzer#readme
Project-URL: Repository, https://github.com/D14b0l1c/vulnerability-analyzer.git
Project-URL: Bug Tracker, https://github.com/D14b0l1c/vulnerability-analyzer/issues
Project-URL: Changelog, https://github.com/D14b0l1c/vulnerability-analyzer/blob/main/CHANGELOG.md
Keywords: vulnerability,security,cve,pcap,nmap,penetration-testing,security-assessment,network-analysis
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
Classifier: Intended Audience :: Developers
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Topic :: Security
Classifier: Topic :: System :: Networking :: Monitoring
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: pandas>=1.3.0
Requires-Dist: requests>=2.25.0
Requires-Dist: lxml>=4.6.0
Requires-Dist: scapy>=2.4.0
Requires-Dist: pyshark>=0.4.0
Requires-Dist: python-nmap>=0.7.0
Requires-Dist: tqdm>=4.60.0
Requires-Dist: colorama>=0.4.4
Requires-Dist: tabulate>=0.8.9
Requires-Dist: jinja2>=3.0.0
Provides-Extra: dev
Requires-Dist: pytest>=6.0; extra == "dev"
Requires-Dist: pytest-cov>=2.0; extra == "dev"
Requires-Dist: black>=21.0; extra == "dev"
Requires-Dist: flake8>=3.8; extra == "dev"
Requires-Dist: mypy>=0.800; extra == "dev"
Requires-Dist: pre-commit>=2.0; extra == "dev"
Provides-Extra: docs
Requires-Dist: sphinx>=4.0; extra == "docs"
Requires-Dist: sphinx-rtd-theme>=1.0; extra == "docs"
Requires-Dist: myst-parser>=0.15; extra == "docs"
Provides-Extra: all
Requires-Dist: pysploit[dev,docs]; extra == "all"
Dynamic: license-file

# Vulnerability Analyzer - Advanced Vulnerability Analysis Library

**Comprehensive Security Intelligence Platform**

Vulnerability Analyzer is an advanced vulnerability analysis library featuring comprehensive security intelligence from multiple authoritative sources. The library provides extensive vulnerability assessment capabilities with an integrated database containing over 55,000 vulnerabilities.

**Core Capabilities:**
- **Comprehensive Vulnerability Database** with 55,712 unique vulnerabilities
- **Multi-Source Intelligence Integration** - CVE, ExploitDB, NVD, RouterSploit
- **Advanced Security Assessment** with pattern-based threat detection
- **High-Performance Architecture** with optimized in-memory database
- **Extensive Threat Analysis** and comprehensive security intelligence

Vulnerability Analyzer delivers comprehensive vulnerability assessment capabilities through integration with authoritative security databases including CVE, ExploitDB, NVD, and RouterSploit. The library features high-performance architecture designed for advanced security analysis and vulnerability management.

## Installation

### Version Support
Python 3.8+ is supported. Works on Windows, Linux, and macOS.

### Install from PyPI
```bash
pip install vulnerability-analyzer
```

### Install from Source
```bash
git clone https://github.com/D14b0l1c/vulnerability-analyzer.git
cd vulnerability-analyzer
pip install -e .
```

### Package vs Module Names
- **PyPI Package Name:** `vulnerability-analyzer` (for pip install)
- **Python Import Name:** `vulnerability_analyzer` (for import statements)

```python
# Install from a shell (not inside the Python interpreter):
#   pip install vulnerability-analyzer

# Import in Python
import vulnerability_analyzer
```

## Quick Start

### Basic Vulnerability Assessment

```python
import vulnerability_analyzer

# Initialize the analysis engine
analyzer = vulnerability_analyzer.VulnerabilityAnalyzer()

# Define target services for assessment
services = [
    {'port': 80, 'service': 'http', 'version': '2.4.29', 'banner': 'Apache/2.4.29'},
    {'port': 22, 'service': 'ssh', 'version': '7.4', 'banner': 'OpenSSH_7.4'},
    {'port': 443, 'service': 'https', 'version': '1.14.2', 'banner': 'nginx/1.14.2'}
]

# Perform comprehensive vulnerability analysis
results = analyzer.analyze_service_vulnerabilities('192.168.1.100', services)

# Review assessment results
print(f"Services analyzed: {results['services_analyzed']}")
print(f"Vulnerabilities identified: {len(results['vulnerabilities_found'])}")
print(f"Security risk score: {results['risk_score']:.2f}")

# Display vulnerability details
for vulnerability in results['vulnerabilities_found']:
    print(f"- {vulnerability['title']} (Severity: {vulnerability['severity']})")
```

## Key Features

### Comprehensive Vulnerability Intelligence
- **55,712 Vulnerability Entries**: Complete database with multi-source integration
- **ExploitDB Integration**: 46,453 exploit signatures for comprehensive threat analysis
- **NVD Coverage**: 9,191 National Vulnerability Database entries
- **RouterSploit Modules**: 68 specialized router and IoT security assessments
- **Vulnerability Matching**: Match network signatures against known vulnerabilities
- **Report Generation**: Create detailed security assessment reports
- **Modular Design**: Import only the components you need

## API Documentation

### Core Modules

#### `vulnerability_analyzer.VulnerabilityDatabase`
```python
from vulnerability_analyzer import VulnerabilityDatabase

# Initialize database
db = VulnerabilityDatabase()

# Load vulnerability data
cves = db.load_cves()
exploits = db.load_exploits()
routersploit_data = db.load_routersploit()

# Search vulnerabilities
results = db.search("CVE-2021-44228")
router_vulns = db.search_by_category("router")
```

#### `vulnerability_analyzer.PcapAnalyzer`
```python
from vulnerability_analyzer import PcapAnalyzer

analyzer = PcapAnalyzer()

# Analyze PCAP file
results = analyzer.analyze("capture.pcap")

# Extract specific protocol data
http_data = analyzer.extract_http("capture.pcap")
dns_data = analyzer.extract_dns("capture.pcap")

# Apply vulnerability filters
router_traffic = analyzer.filter_router_traffic(results)
suspicious_patterns = analyzer.detect_suspicious_patterns(results)
```

#### `vulnerability_analyzer.NmapAnalyzer`
```python
from vulnerability_analyzer import NmapAnalyzer

analyzer = NmapAnalyzer()

# Parse Nmap XML
scan_results = analyzer.parse_xml("nmap_scan.xml")

# Extract service information
services = analyzer.extract_services(scan_results)

# Identify potential vulnerabilities
vulnerabilities = analyzer.identify_vulnerabilities(services)
```

#### `vulnerability_analyzer.VulnerabilityMatcher`
```python
from vulnerability_analyzer import VulnerabilityMatcher, VulnerabilityDatabase

db = VulnerabilityDatabase()
matcher = VulnerabilityMatcher(db)

# Match network data against vulnerabilities
pcap_matches = matcher.match_pcap_data(pcap_results)
nmap_matches = matcher.match_nmap_data(nmap_results)

# Get detailed match information
for match in pcap_matches:
    print(f"CVE: {match.cve_id}")
    print(f"Severity: {match.severity}")
    print(f"Description: {match.description}")
```

## Library Structure

```
vulnerability_analyzer/
├── __init__.py              # Main library interface
├── core/                    # Core functionality
│   ├── database.py          # Vulnerability database management
│   ├── pcap_analyzer.py     # PCAP analysis tools
│   ├── nmap_analyzer.py     # Nmap XML parsing
│   └── matcher.py           # Vulnerability matching engine
├── data/                    # Data management
│   ├── nvd.py              # NVD API integration
│   ├── exploitdb.py        # ExploitDB data handling
│   └── routersploit.py     # RouterSploit data integration
├── utils/                   # Utility functions
│   ├── filters.py          # Traffic and data filters
│   ├── reports.py          # Report generation
│   └── helpers.py          # Helper functions
└── examples/               # Usage examples
    ├── basic_analysis.py
    ├── pcap_scanning.py
    └── vulnerability_research.py
```

## Examples

### Basic Vulnerability Analysis
```python
import vulnerability_analyzer

# Initialize
db = vulnerability_analyzer.VulnerabilityDatabase()
analyzer = vulnerability_analyzer.PcapAnalyzer()

# Analyze network traffic
traffic_data = analyzer.analyze("network.pcap")

# Find vulnerabilities
matcher = vulnerability_analyzer.VulnerabilityMatcher(db)
vulnerabilities = matcher.match_traffic(traffic_data)

# Generate report
report = vulnerability_analyzer.generate_report(vulnerabilities, format="json")
```

### Router Vulnerability Assessment
```python
import vulnerability_analyzer

# Load router-specific vulnerability data
db = vulnerability_analyzer.VulnerabilityDatabase()
router_cves = db.search_by_category("router")

# Analyze router traffic
analyzer = vulnerability_analyzer.PcapAnalyzer()
router_traffic = analyzer.filter_router_traffic("capture.pcap")

# Match against router vulnerabilities
matcher = vulnerability_analyzer.VulnerabilityMatcher(db)
router_vulns = matcher.match_router_signatures(router_traffic)
```

### Integration with Existing Tools
```python
# Use with pandas for data analysis
import pandas as pd
import vulnerability_analyzer

db = vulnerability_analyzer.VulnerabilityDatabase()
cves_df = pd.DataFrame(db.load_cves())

# Filter high-severity CVEs
critical_cves = cves_df[cves_df['severity'] == 'CRITICAL']

# Use with requests for API integration
import requests
import pysploit

# Fetch live vulnerability feeds
nvd_updater = pysploit.NVDUpdater()
latest_cves = nvd_updater.fetch_recent_cves(days=7)
```

## Data Sources

- **National Vulnerability Database (NVD)**: https://services.nvd.nist.gov/rest/json/cves/2.0
- **ExploitDB**: https://gitlab.com/exploit-database/exploitdb
- **RouterSploit Framework**: https://github.com/threat9/routersploit

## Package Information

### Naming Convention
- **PyPI Package:** `vulnerability-analyzer` (used for installation)
- **Python Module:** `pysploit` (used for imports)
- **GitHub Repository:** `vulnerability-analyzer`

### Why Two Names?
The package was originally developed as "PySploit" but the name was already taken on PyPI. Rather than changing all the internal Python module names and breaking existing code, we chose to:
- Keep the Python module name as `pysploit` (for backward compatibility)
- Use `vulnerability-analyzer` as the PyPI package name (for distribution)

This follows common Python packaging practices where the distribution name can differ from the import name.
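
A check for the naming situation described above, as an added example that is not part of the project's code: `check_origin` reports which installed distribution provides an import name, and `foreign_extra_refs` flags `name[extras]` requirements that point at a different PyPI project, as the `all` extra in this page's metadata does with `pysploit`. The function names and the sample mapping are constructed for illustration; the live lookup assumes Python 3.10+ for `importlib.metadata.packages_distributions()`.

```python
import re
from importlib import metadata

OWN_DIST = "vulnerability-analyzer"  # distribution name given in this README

def normalize(name):
    """PEP 503 normalisation: case-insensitive; runs of -, _ and . are equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def check_origin(import_name, expected=OWN_DIST, mapping=None):
    """Report which installed distribution provides a top-level import name."""
    if mapping is None:
        # Python 3.10+: {import name: [distribution names]} for this environment
        mapping = metadata.packages_distributions()
    found = sorted({normalize(d) for d in mapping.get(import_name, [])})
    if not found:
        return "not-installed"
    if found == [normalize(expected)]:
        return "ok"
    return "unexpected:" + ",".join(found)

def foreign_extra_refs(requires, own=OWN_DIST):
    """Heuristic: list 'name[extras]' requirements whose name is not our own.

    An umbrella extra normally refers back to its own distribution; any other
    name here is a separate PyPI project that pip will resolve and install.
    """
    hits = []
    for line in requires:
        m = re.match(r"\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*\[", line)
        if m and normalize(m.group(1)) != normalize(own):
            hits.append(m.group(1))
    return hits

# Constructed mapping for illustration (not read from a real environment)
SAMPLE_MAPPING = {
    "vulnerability_analyzer": ["vulnerability-analyzer"],
    "pysploit": ["pysploit"],
}
# Requires-Dist values copied from the metadata at the top of this page
SAMPLE_REQUIRES = [
    "pandas>=1.3.0",
    'pytest>=6.0; extra == "dev"',
    'pysploit[dev,docs]; extra == "all"',
]

if __name__ == "__main__":
    for name in ("vulnerability_analyzer", "pysploit"):
        print(name, "->", check_origin(name, mapping=SAMPLE_MAPPING))
    print("foreign extras:", foreign_extra_refs(SAMPLE_REQUIRES))
```

Against a real environment, call `check_origin("pysploit")` with no mapping and pass `metadata.requires("vulnerability-analyzer")` to `foreign_extra_refs`.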

## License

MIT License - see LICENSE file for details.

## Contributing

1. Fork the repository
2. Create a feature branch
3. Add tests for new functionality
4. Submit a pull request
