Analysis_Tools

Vulnerability Analysis and Enrichment Tools

Tools for processing CVE records and generating CPE Applicability Statements. Processes CVE data from MITRE and NVD APIs to create interactive HTML reports for CPE matching and configuration generation.

Overview

Understanding the Problem Space:

For comprehensive insight into the challenges this tool addresses, see CPE Automation Challenges.

Dashboard Quick Links:

• Alias Mapping Dashboard
• Source Data Concerns Dashboard
• Generate Dataset Dashboard

CPE Applicability Generator

Processes CVE records to generate CPE Applicability Statements:

• Ingests CVE information from CVE List and NVD APIs
• Extracts CPE attribute values from affected product data
• Queries NVD /cpes/ API for matching CPE Names
• Processes results to identify relevant CPE Base String values
• Generates HTML reports for user review and selection
• Produces CPE Applicability Statements (configurations) from selected CPE Base Strings

Documentation

• CPE Automation Challenges - Problem domains, solutions, and codebase architecture
• Badge and Modal System Reference - Complete badge/modal system documentation
• CPE Caching System - Cache configuration and management
• Logging System - Structured logging patterns and configuration
• Dashboard Usage - Dashboard system and usage
• Dataset Generation - Dataset generation methodology and capabilities

Test Documentation

• Test Suites Overview - Comprehensive test documentation

Examples

The complete collection of generated pages is maintained at Hashmire/cpeApplicabilityGeneratorPages.

To access a specific CVE analysis page, use the following URL pattern:

https://hashmire.github.io/cpeApplicabilityGeneratorPages/generated_pages/[CVE-ID].html

Note: Not all CVEs are currently present in the dataset.

Usage

Dataset Generation

# Traditional status-based generation
python generate_dataset.py --statuses "Received" "Awaiting Analysis"

# Generate dataset for CVEs modified in the last 30 days
python generate_dataset.py --last-days 30

# Generate dataset for specific date range
python generate_dataset.py --start-date 2024-01-01 --end-date 2024-01-31

All dataset outputs are isolated in run-specific directories under runs/[timestamp]_[context]/logs/.

Alias Mapping Report Generation

# Generate alias extraction report from default NVD-ish cache (standalone)
python -m src.analysis_tool.reporting.generate_alias_report

# Generate report for specific source by name or UUID
python -m src.analysis_tool.reporting.generate_alias_report \
    --source-filter "Microsoft Corporation"

# Generate report using existing run directory from dataset generation
python -m src.analysis_tool.reporting.generate_alias_report \
    --run-id 2025-12-01_10-30-00_dataset_last_7_days_nvd-ish

Reports are generated as per-source files in runs/[timestamp]_alias_report/logs/:

• aliasExtractionReport_index.json - Source listing with statistics
• aliasExtractionReport_[source]_[id].json - Individual source reports with alias data
• Interactive HTML dashboard generated from report JSON files

Source Data Concern Report Generation

# Generate SDC report from default NVD-ish cache (standalone)
python -m src.analysis_tool.reporting.generate_sdc_report

# Generate report using existing run directory from dataset generation
python -m src.analysis_tool.reporting.generate_sdc_report \
    --run-id 2025-12-01_10-30-00_dataset_last_7_days_nvd-ish

Reports are generated as per-source files in runs/[timestamp]_sdc_report/logs/:

• sourceDataConcernReport_index.json - Source listing with statistics
• sourceDataConcernReport_[source]_[id].json - Individual source reports