added cve-poc-mon

1 files changed, 41 insertions, 0 deletions

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..9c5330e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,41 @@
+# cve-poc-mon
+
+## What this is
+
+GitHub CVE Proof of Concept scraper, deployed with GitHub actions to fetch and clone any newly published CVE PoCs matching the format of `cve-<current_year>`, into the `pocs/` directory.
+
+Cloned repositories are not added as submodules and a workflow step renames all `.git` directories into `.git.bak`; this can be reverted to inspect commit history.
+
+You can find the live version hosted through GitHub Pages at [https://cve.heqnx.com](https://cve.heqnx.com) and a simple RSS feed at [https://cve.heqnx.com/feed.xml](https://cve.heqnx.com/feed.xml)
+
+## Run it yourself
+
+Compile `cve-poc-mon` from the `src/` directory with either `go build`, `make` for all targets, or `make <target>` for a specific target (e.g., `make linux-amd64`).
+
+Set up your own GitHub Actions workflow; check [.github/workflows/cve-poc-mon.yaml](.github/workflows/cve-poc-mon.yaml) to see how it runs in this repo.
+
+## Cleanup steps for multiple binary blobs commited
+
+- check blobs
+
+```
+git rev-list --objects --all | git cat-file --batch-check='%(objecttype) %(objectname) %(objectsize) %(rest)' | awk '$1 == "blob" && $3 > 100000' | sort -k3nr
+```
+
+- remove blobs
+
+```
+git filter-repo --invert-paths --path cve-poc-mon
+```
+
+- expire reflogs, gc
+
+```
+git reflog expire --expire=now --all
+```
+
+- force-push to remote repo
+
+```
+git push origin --force --all
+```