Cli

Example CLI Commands

A list of example commands that can be used with VulnCheck CLI.

Getting Started w/ VulnCheck CLI

List all indices for which you have entitlements

vulncheck indices list

Browse an index

vulncheck index browse vulncheck-kev

Download a backup of an index

vulncheck backup download mitre-attack-cve

Vulnerability and Exploit Intelligence Commands

Lookup a CVE in an index

vulncheck index list exploits --cve cve-2024-3400

Lookup vulnerabilities associated w/ a CPE

vulncheck cpe "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*"

Lookup vulnerabilties associated w/ a PURL

vulncheck purl "pkg:pypi/aioxmpp@0.6.0"

Lookup a list of records in an index with a specific pubstart date

vulncheck index list vulncheck-kev --pubstartdate 2024-10-20

Lookup a list of records in an index with a specific pubend date

vulncheck index list vulncheck-kev --pubenddate 2023-10-20

Lookup a list of records in an index between a specific pubstart amd pubenddate date

vulncheck index list vulncheck-kev --pubstartdate 2024-10-01 --pubenddate 2024-10-05

Lookup a threat actor in the threat actors index

vulncheck index list threat-actors --threatactor "Cozy Bear"

Lookup a botnet in the botnets index

vulncheck index list botnets --botnet "Kinsing"

Lookup a ransomware family in the ransomware index

vulncheck index list ransomware --ransomware Cactus

IP Intelligence Commands

Lookup IPs associated with a hostname

vulncheck index list ipintel-3d --hostname router.asus.com

Lookup IPs that are potentially vulnerable or vulnerable to a CVE

vulncheck index list ipintel-3d --cve CVE-2023-27350

Lookup IPs associated with a country, ASN and ID in an IPIntel index

vulncheck index list ipintel-3d --country=Sweden --asn=AS16509 --id=initial-access

Lookup IPs that have “.gov” in the hostname, are potentially vulnerable to CVE-2024-24919, and geolocate in the United States

vulncheck index list ipintel-3d --hostname=.gov --countrycode=US --cve=CVE-2024-24919

Initial Access Intelligence Commands

List all Snort rules in VulnCheck Initial Access Intelligence

vulncheck rule snort

List all Suricata rules in VulnCheck Initial Access Intelligence

vulncheck rule suricata