diff --git a/README.md b/README.md
index 0bb735a..57f4b12 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,7 @@ Miscellaneous scripts for different purposes. Mostly unrelated to each other.
| Email | [`mail-prepender.sh`](bin/mail-prepender.sh)
Shell (bash) | Prepends (to stdin/stdout) email header strings given in as flags `i`, `I`, `a`, or `A`; after possible mbox `From` & `Return-Path` header lines. Intended as a limited `formail` replacement that ignores the nyanses of the flags and simply prepends the valid (RFC 5322, 2.2) non-empty headers keeping the other headers as is. Flags `x` & `X` are implemented. Any other flags are ignored. |
| Git | [`git-find-commits-by-file-hash.sh`](bin/git-find-commits-by-file-hash.sh)
Shell (bash) | Search Git repository history for commits with SHA-256 checksum of a file. Answers the question "Has this version of this file ever been committed as the file on this path of this Git repository?" and shows a summary (`git show --stat`) of the matching commit(s). The `path` should be relative to the repository root.
`git-find-commits-by-file-hash.sh sha256sum path`|
| Infosec | [`netcat-proxy.sh`](bin/netcat-proxy.sh)
Shell (sh) | Creates a simple persistent TCP proxy with netcat & named pipes.
`netcat-proxy.sh listenport targethost targetport` |
-| Infosec | [`follow-cvelist.py`](bin/follow-cvelist.py)
Python 3 | Follow changes (commits) in CVEProject / [cvelistV5](https://github.com/CVEProject/cvelistV5). Requires git. Working directory must be the root of the cvelistV5 repository.
`follow-cvelist.py [-haou4] [-vvvv] [-i s] [-c N] [-w N]`|
+| Infosec | [`follow-cvelist.py`](bin/follow-cvelist.py)
Python 3 | Follow changes (commits) in CVEProject / [cvelistV5](https://github.com/CVEProject/cvelistV5). Requires git. Working directory must be the root of the cvelistV5 repository.
`follow-cvelist.py [-haoru4] [-vvvv] [-i s] [-c N] [-w N]`|
| Infosec | [`partialpassword.sh`](bin/partialpassword.sh)
Shell (bash) | Creates a new wordlist from a wordlist by replacing all ambiguous characters with all their possible combinations.
`partialpassword.sh input.txt output.txt O0 [Il1 ...]` |
| Infosec | [`duplicate-ssh-hostkeys.sh`](bin/duplicate-ssh-hostkeys.sh)
Shell (bash) | Find duplicate SSH host keys in a CIDR range. Examine your network for shared host keys that could potentially be dangerous.
`duplicate-ssh-hostkeys.sh CIDR [HostKeyAlgorithm ...]` |
| Infosec
Automation | [`make-mac-prefixes.py`](bin/make-mac-prefixes.py)
Python 3 | Processes registered MAC address prefixes from [IEEE MA-L Assignments (CSV)](https://standards.ieee.org/products-programs/regauth/) (stdin) to Nmap's [`nmap-mac-prefixes`](https://github.com/nmap/nmap/blob/master/nmap-mac-prefixes) (stdout) with a few additional unregistered OUIs.
`curl https://standards-oui.ieee.org/oui/oui.csv \| make-mac-prefixes.py > nmap-mac-prefixes` |
diff --git a/bin/follow-cvelist.py b/bin/follow-cvelist.py
index 20a60c1..4228f65 100755
--- a/bin/follow-cvelist.py
+++ b/bin/follow-cvelist.py
@@ -3,11 +3,12 @@
# ------------------------------------------------------------------------------
# Follow changes (commits) in CVEProject / cvelistV5
#
-# Usage: follow-cvelist.py [-haou4] [-vvvv] [-i s] [-c N] [-w N]
+# Usage: follow-cvelist.py [-haoru4] [-vvvv] [-i s] [-c N] [-w N]
#
# -h, --help show this help message and exit
# -a, --ansi add ansi colors to the output (default: False)
# -o, --once only the current tail; no active follow (default: False)
+# -r, --reload-only skip pulls & only follow local changes (default: False)
# -u, --url prefix cve with url to nvd nist details (default: False)
# -4, --cvss4 show cvss 4.0 score instead of cvss 3.1 (default: False)
# -v, --verbose each -v increases verbosity (commits, git pull, raw data)
@@ -39,7 +40,8 @@
def main(args: argparse.Namespace) -> None:
cvelist = CvelistFollower(args)
cvelist.header()
- cvelist.pull()
+ if not args.reload_only:
+ cvelist.pull()
cvelist.history()
if not args.once:
cvelist.monitor()
@@ -148,7 +150,13 @@ def monitor(self) -> None:
for x in range(self.args.interval):
self.check_interrupt()
time.sleep(1)
- self.pull()
+ if not self.args.reload_only:
+ self.pull()
+ elif self.args.verbose > 1:
+ print(
+ f"{time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime())} Reload",
+ file=sys.stderr,
+ )
new_cursor = self.get_cursor()
if new_cursor != cursor:
if self.args.verbose > 0:
@@ -162,7 +170,11 @@ def pull(self) -> None:
result = subprocess.run(
["git", "pull"], stdout=subprocess.PIPE, stderr=subprocess.STDOUT
)
- print(result.stdout.decode("utf-8").strip(), file=sys.stderr)
+ print(
+ f"{time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime())} "
+ f"{result.stdout.decode('utf-8').strip()}",
+ file=sys.stderr,
+ )
else:
subprocess.call(
["git", "pull"], stdout=subprocess.DEVNULL, stderr=subprocess.STDOUT
@@ -537,7 +549,7 @@ def check_positive(value: str) -> int:
if __name__ == "__main__":
argParser = argparse.ArgumentParser(
description="Follow changes (commits) in CVEProject / cvelistV5",
- usage="%(prog)s [-haou4] [-vvvv] [-i s] [-c N]",
+ usage="%(prog)s [-haoru4] [-vvvv] [-i s] [-c N] [-w N]",
epilog="Requires git. "
"Working directory must be the root of the cvelistV5 repository.",
formatter_class=argparse.ArgumentDefaultsHelpFormatter,
@@ -556,6 +568,13 @@ def check_positive(value: str) -> int:
help="only the current tail; no active follow",
default=False,
)
+ argParser.add_argument(
+ "-r",
+ "--reload-only",
+ action="store_true",
+ help="skip pulls & only follow local changes",
+ default=False,
+ )
argParser.add_argument(
"-u",
"--url",
@@ -582,7 +601,7 @@ def check_positive(value: str) -> int:
"--interval",
type=check_positive,
metavar="s",
- help="pull interval in seconds",
+ help="pull/reload interval in seconds",
default=150,
)
argParser.add_argument(
@@ -611,4 +630,10 @@ def check_positive(value: str) -> int:
}
if args.verbose > 0:
print(f"VERBOSITY: {verbosity[args.verbose]}", file=sys.stderr)
+ if args.reload_only:
+ print(
+ "Reload only mode; "
+ "make sure the periodic 'git pull' gets run somewhere else",
+ file=sys.stderr,
+ )
main(args)