README
¶
The VulnCheck CLI
vci is access to the VulnCheck API on the command line. It brings index browsing, backup management, and vulnerability scanning to the terminal.
Installation
vci is available for MacOS, Linux, and Windows. You can download precompiled binaries from our releases page
[!NOTE] Support for package managers is coming soon.
Configuration
- Run
vci auth loginto authenticate with your VulnCheck account. - Alternatively
vciwill respect theVC_TOKENenvironment variable. vci authby itself will show other options like checking your status and logging out.
Available commands
- Browse/list indices
- Browse/list an index
- Download a backup
- Request vulnerabilities related to a CPE
- Request vulnerabilities related to a PURL
- Scan a repository for vulnerabilities
Browse/list indices
You can browse all available indices interactively or output them as a list
vci indices browse|list <search> [flags]
You can search for a specific index by passing a search term.
[!TIP] Pressing
[Enter]on an index while browsing will begin browsing that particular index
Flags (list only)
| Flag | Description |
|---|---|
| --json | Output the list of indices in JSON format. |
Browse/list an index
You can browse the contents of any index interactively or output some as JSON
vci index browse|list <index> [flags]
Flags
| Flag | Type | Description |
|---|---|---|
| --alias | string | Alias |
| --asn | string | Asn |
| --botnet | string | Botnet |
| --country | string | Country |
| --countrycode | string | CountryCode |
| --cursor | string | Cursor |
| --cve | string | Cve |
| --hostname | string | Hostname |
| --iava | string | Iava |
| --id | string | ID |
| --lastmodenddate | string | LastModEndDate |
| --lastmodstartdate | string | LastModStartDate |
| --limit | string | Limit |
| --mispid | string | MispId |
| --mitreid | string | MitreId |
| --nextcursor | string | NextCursor |
| --order | string | Order |
| --page | string | Page |
| --prevcursor | string | PrevCursor |
| --pubenddate | string | PubEndDate |
| --pubstartdate | string | PubStartDate |
| --ransomware | string | Ransomware |
| --sort | string | Sort |
| --threatactor | string | ThreatActor |
| --help | Show help for command |
Download a backup
Download a backup of a specified index either interactively or retrieve a signed temporary URL
vci backup download|url <index>
Flags (url only)
| Flag | Description |
|---|---|
| --json | Output the download URL in JSON format. |
Request vulnerabilities related to a CPE
Based on the specified CPE (Common Platform Enumeration) URI string, this endpoint will return a list of vulnerabilities that are related to the package. We support v2.2 and v2.3
vci cpe <cpe>
Request vulnerabilities related to a PURL
Based on the specified PURL, this command will return a list of vulnerabilities that are related to the package. You can find a list of supported package managers here
vci purl <purl>
Scan a repository for vulnerabilities
This command will scan a directory for traces of packages via generating an SBOM and then check for vulnerabilities.
vci scan <path> [flags]
Flags
| Flag | Description |
|---|---|
| -f | Save scan results to output.json |
[!TIP] Looking to plug this into your Github Repository? Check out our own Action
Directories