blob: 9c5330e4cf49420386ffd744ebe13a1718aa84ec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
# cve-poc-mon
## What this is
GitHub CVE Proof of Concept scraper, deployed with GitHub actions to fetch and clone any newly published CVE PoCs matching the format of `cve-<current_year>`, into the `pocs/` directory.
Cloned repositories are not added as submodules and a workflow step renames all `.git` directories into `.git.bak`; this can be reverted to inspect commit history.
You can find the live version hosted through GitHub Pages at [https://cve.heqnx.com](https://cve.heqnx.com) and a simple RSS feed at [https://cve.heqnx.com/feed.xml](https://cve.heqnx.com/feed.xml)
## Run it yourself
Compile `cve-poc-mon` from the `src/` directory with either `go build`, `make` for all targets, or `make <target>` for a specific target (e.g., `make linux-amd64`).
Set up your own GitHub Actions workflow; check [.github/workflows/cve-poc-mon.yaml](.github/workflows/cve-poc-mon.yaml) to see how it runs in this repo.
## Cleanup steps for multiple binary blobs commited
- check blobs
```
git rev-list --objects --all | git cat-file --batch-check='%(objecttype) %(objectname) %(objectsize) %(rest)' | awk '$1 == "blob" && $3 > 100000' | sort -k3nr
```
- remove blobs
```
git filter-repo --invert-paths --path cve-poc-mon
```
- expire reflogs, gc
```
git reflog expire --expire=now --all
```
- force-push to remote repo
```
git push origin --force --all
```
|