Metadata-Version: 2.1
Name: scantechstackvulns
Version: 1.0.2
Summary: 
Home-page: https://github.com/devarajug/getTechStackVulns
Author: Devaraju Garigapati
Author-email: devarajugarigapati@gmail.com
Requires-Python: >=3.5,<4.0
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Requires-Dist: bs4 (>=0.0.1,<0.0.2)
Requires-Dist: lxml (>=4.9.2,<5.0.0)
Requires-Dist: requests (>=2.28.1,<3.0.0)
Requires-Dist: simplexl (>=1.0.2,<2.0.0)
Project-URL: Repository, https://github.com/devarajug/getTechStackVulns
Description-Content-Type: text/markdown

## Get Technology Stack Vulnerabilities

This package is useful for fetching known vulnerabilities of third party components used in projects from [NVD](https://nvd.nist.gov/general) site.

## Getting Started
Using get-techstack-vulnerabilities takes almost no time! Simply install via the pip command:

```
pip install scantechstackvulns
```

From here you can import it into your source file by calling:

```
from scantechstackvulns import TechStack
```

## How it works
It takes list of thirdparty components with versions as a input and generates an excel file of known vulnerabilities of that list of components.

## Usage

The below is the way to use of this package

```
from scantechstackvulns import TechStack

technology_stack = [
    "postgresql 11.11",                     #|
    "spring framework vmware 4.3.25",       #| 
    "spring framework pivotal 4.3.25",      #|----- sample data
    "apache tomcat 9.0.58",                 #|
    "oracle jdk 1.8.0 update 252"           #|
]

output_file = "directory/file_name.xlsx"

TechStack.scan(techstack, output_file)
```

## Note
- technology stack must contain exact version
- as of now only xlsx extension supports in output file
- [here](https://github.com/devarajug/getTechStackVulns/blob/main/sample.xlsx) is the sample xlsx file to verify


# License

This repository is licensed under the [MIT](https://opensource.org/licenses/MIT) license.
See [LICENSE](https://opensource.org/licenses/MIT) for details.
