Example CLI Commands
Getting Started w/ VulnCheck CLI
List all indices for which you have entitlements
vulncheck indices list
Browse an index
vulncheck index browse vulncheck-kev
Download a backup of an index
vulncheck backup download mitre-attack-cve
Vulnerability and Exploit Intelligence Commands
Lookup a CVE in an index
vulncheck index list exploits --cve cve-2024-3400
Lookup vulnerabilities associated w/ a CPE
vulncheck cpe "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*"
Lookup vulnerabilties associated w/ a PURL
vulncheck purl "pkg:pypi/aioxmpp@0.6.0"
Lookup a list of records in an index with a specific pubstart date
vulncheck index list vulncheck-kev --pubstartdate 2024-10-20
Lookup a list of records in an index with a specific pubend date
vulncheck index list vulncheck-kev --pubenddate 2023-10-20
Lookup a list of records in an index between a specific pubstart amd pubenddate date
vulncheck index list vulncheck-kev --pubstartdate 2024-10-01 --pubenddate 2024-10-05
Lookup a threat actor in the threat actors index
vulncheck index list threat-actors --threatactor "Cozy Bear"
Lookup a botnet in the botnets index
vulncheck index list botnets --botnet "Kinsing"
Lookup a ransomware family in the ransomware index
vulncheck index list ransomware --ransomware Cactus
IP Intelligence Commands
Lookup IPs associated with a hostname
vulncheck index list ipintel-3d --hostname router.asus.com
Lookup IPs that are potentially vulnerable or vulnerable to a CVE
vulncheck index list ipintel-3d --cve CVE-2023-27350
Lookup IPs associated with a country, ASN and ID in an IPIntel index
vulncheck index list ipintel-3d --country=Sweden --asn=AS16509 --id=initial-access
Lookup IPs that have “.gov” in the hostname, are potentially vulnerable to CVE-2024-24919, and geolocate in the United States
vulncheck index list ipintel-3d --hostname=.gov --countrycode=US --cve=CVE-2024-24919
Initial Access Intelligence Commands
List all Snort rules in VulnCheck Initial Access Intelligence
vulncheck rule snort
List all Suricata rules in VulnCheck Initial Access Intelligence
vulncheck rule suricata