diff --git a/core/__pycache__/forms.cpython-311.pyc b/core/__pycache__/forms.cpython-311.pyc index 7e82c9a..3651588 100644 Binary files a/core/__pycache__/forms.cpython-311.pyc and b/core/__pycache__/forms.cpython-311.pyc differ diff --git a/core/__pycache__/urls.cpython-311.pyc b/core/__pycache__/urls.cpython-311.pyc index 732b20f..d23514e 100644 Binary files a/core/__pycache__/urls.cpython-311.pyc and b/core/__pycache__/urls.cpython-311.pyc differ diff --git a/core/__pycache__/views.cpython-311.pyc b/core/__pycache__/views.cpython-311.pyc index cedcc73..7d78b68 100644 Binary files a/core/__pycache__/views.cpython-311.pyc and b/core/__pycache__/views.cpython-311.pyc differ diff --git a/core/forms.py b/core/forms.py index 21e602d..ed7a9bc 100644 --- a/core/forms.py +++ b/core/forms.py @@ -1,4 +1,8 @@ from django import forms class UploadFileForm(forms.Form): - file = forms.FileField() \ No newline at end of file + file = forms.FileField() + +class VulnerabilitySearchForm(forms.Form): + application_name = forms.CharField(max_length=100, label="Application Name") + application_website = forms.URLField(label="Application Website", required=False) \ No newline at end of file diff --git a/core/templates/core/index.html b/core/templates/core/index.html index 6a0a55d..b745fe1 100644 --- a/core/templates/core/index.html +++ b/core/templates/core/index.html @@ -63,6 +63,21 @@ +
+
+ + Vulnerability Search +
+
+
+
+ + +
+
+
+
+
diff --git a/core/templates/core/vulnerability_search.html b/core/templates/core/vulnerability_search.html new file mode 100644 index 0000000..a288bbe --- /dev/null +++ b/core/templates/core/vulnerability_search.html @@ -0,0 +1,25 @@ +{% extends 'base.html' %} + +{% block content %} +
+

Vulnerability Search

+
+ {% csrf_token %} + {{ form.as_p }} + +
+ + {% if results %} +
+

Search Results

+
+ {% for result in results %} +
+
{{ result.cve_id }}
+

{{ result.description }}

+
+ {% endfor %} +
+ {% endif %} +
+{% endblock %} diff --git a/core/urls.py b/core/urls.py index 048e0b9..a619f7a 100644 --- a/core/urls.py +++ b/core/urls.py @@ -1,8 +1,9 @@ from django.urls import path -from .views import dashboard, upload_inventory +from .views import dashboard, upload_inventory, vulnerability_search urlpatterns = [ path("", dashboard, name="dashboard"), path("upload/", upload_inventory, name="upload_inventory"), + path("search/", vulnerability_search, name="vulnerability_search"), ] \ No newline at end of file diff --git a/core/views.py b/core/views.py index 20a38a4..ba7bc06 100644 --- a/core/views.py +++ b/core/views.py @@ -1,8 +1,9 @@ from django.shortcuts import render, redirect from .models import Application, Vulnerability -from .forms import UploadFileForm +from .forms import UploadFileForm, VulnerabilitySearchForm import csv import io +import requests def dashboard(request): # Placeholder data @@ -47,3 +48,25 @@ def upload_inventory(request): else: form = UploadFileForm() return render(request, 'core/upload_inventory.html', {'form': form}) + +def vulnerability_search(request): + form = VulnerabilitySearchForm() + results = [] + if request.method == 'POST': + form = VulnerabilitySearchForm(request.POST) + if form.is_valid(): + application_name = form.cleaned_data['application_name'] + # Basic search using NVD API + url = f"https://services.nvd.nist.gov/rest/json/cves/1.0?keyword={application_name}" + try: + response = requests.get(url) + data = response.json() + if 'result' in data: + for cve_item in data['result']['CVE_Items']: + cve_id = cve_item['cve']['CVE_data_meta']['ID'] + description = cve_item['cve']['description']['description_data'][0]['value'] + results.append({'cve_id': cve_id, 'description': description}) + except requests.exceptions.RequestException as e: + form.add_error(None, f"Error fetching data from NVD: {e}") + + return render(request, 'core/vulnerability_search.html', {'form': form, 'results': results}) diff --git a/requirements.txt b/requirements.txt index e22994c..081e3cb 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,4 @@ Django==5.2.7 mysqlclient==2.2.7 python-dotenv==1.1.1 +requests