A comprehensive Python-based web application for monitoring and receiving notifications about Zero-Day CVE (Common Vulnerabilities and Exposures) alerts.
- Real-time CVE Monitoring: Automatically fetches the latest CVE data from NIST's National Vulnerability Database
- Zero-Day Detection: Uses intelligent heuristics to identify potential zero-day vulnerabilities
- Custom Notifications: Email alerts with customizable filters for severity, vendors, and vulnerability types
- Interactive Dashboard: Modern web interface with real-time statistics and filtering capabilities
- REST API: Full API for programmatic access to CVE data
- Automated Scheduling: Background tasks for continuous monitoring and notifications
- Backend: Python, Flask, SQLAlchemy
- Frontend: Python (Flask templates with Jinja2), Bootstrap 5, JavaScript
- Database: SQLite (default), PostgreSQL/MySQL supported
- Scheduling: APScheduler for background tasks
- Email: SMTP integration for notifications
- API: RESTful API for CVE data access
- Python 3.8+
- pip (Python package manager)
- Clone the repository:
  git clone https://github.com/freddycodes23/ZeroDayAlerts.git
  cd ZeroDayAlerts
- Install dependencies:
  pip install -r requirements.txt
- Configure environment variables:
  cp .env.example .env
  # Edit .env with your configuration
- Initialize the database:
  python manage.py init-db
- Create sample data (optional):
  python manage.py create-sample-data
- Run the application:
  python app.py
The application will be available at http://localhost:5000
Create a .env file with the following variables:
# Application
SECRET_KEY=your-secret-key-here
DATABASE_URL=sqlite:///zeroday_alerts.db
# Email Configuration (for notifications)
MAIL_SERVER=smtp.gmail.com
MAIL_PORT=587
MAIL_USE_TLS=True
MAIL_USERNAME=your-email@gmail.com
MAIL_PASSWORD=your-app-password
# CVE API
CVE_API_URL=https://services.nvd.nist.gov/rest/json/cves/2.0
For Gmail:
- Enable 2-factor authentication
- Generate an app-specific password
- Use the app password in MAIL_PASSWORD
- Home Page: View latest CVE alerts with filtering options
- Dashboard: Real-time statistics and zero-day alerts overview
- Subscribe: Configure notification preferences
- Alert Details: Detailed information about specific CVEs
# Fetch latest CVEs
python manage.py fetch-cves --days 7
# Send notifications
python manage.py send-notifications
# Initialize database
python manage.py init-db
# Create sample data
python manage.py create-sample-data
- GET /api/alerts - List all alerts with pagination and filtering
- GET /api/alerts/{id} - Get specific alert details
- GET /api/alerts/recent - Get recent alerts
- GET /api/alerts/zero-day - Get zero-day alerts only
- GET /api/stats - Get application statistics
- POST /api/subscribe - Subscribe to notifications
# Get recent critical alerts
curl "http://localhost:5000/api/alerts?severity=CRITICAL&page=1"
# Get zero-day alerts
curl "http://localhost:5000/api/alerts/zero-day"
# Subscribe to notifications
curl -X POST "http://localhost:5000/api/subscribe" \
-H "Content-Type: application/json" \
-d '{"email": "user@example.com", "name": "John Doe", "severity_filter": ["HIGH", "CRITICAL"]}'
ZeroDayAlerts/
├── app/
│ ├── __init__.py # Flask app factory
│ ├── models.py # Database models
│ ├── cve_fetcher.py # CVE data fetching logic
│ ├── notifications.py # Email notification service
│ ├── scheduler.py # Background task scheduler
│ ├── main/ # Main blueprint
│ │ ├── routes.py # Web routes
│ │ └── forms.py # Web forms
│ ├── api/ # API blueprint
│ │ └── routes.py # API endpoints
│ ├── templates/ # Jinja2 templates
│ └── static/ # CSS, JS, images
├── config.py # Configuration
├── app.py # Application entry point
├── manage.py # CLI management commands
├── requirements.txt # Python dependencies
└── .env # Environment variables
- CVE ID, description, severity, CVSS score
- Publication and modification dates
- Vendor and product information
- Zero-day classification flag
- Email, name, subscription status
- Creation date and activity status
- Severity filters, vendor filters
- Zero-day only option
- Email notification settings
- Notification history and delivery status
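How the alert fields and subscription filters listed above map onto an NVD CVE API 2.0 response, as an added example (not the project's own code). The sample payload and its CVE IDs are constructed, and `parse_cve`, `matches`, `select_alerts` and the `vendor_filter` parameter are assumed names.

```python
import json

# Constructed sample in the NVD CVE API 2.0 response shape (not real CVE data).
SAMPLE = json.loads("""{"vulnerabilities": [
 {"cve": {"id": "CVE-0000-0001", "published": "2024-01-02T10:00:00.000",
   "lastModified": "2024-01-03T10:00:00.000",
   "descriptions": [{"lang": "es", "value": "ejemplo"},
                    {"lang": "en", "value": "Constructed example A"}],
   "metrics": {"cvssMetricV31": [
       {"cvssData": {"baseScore": 9.8, "baseSeverity": "CRITICAL"}}]},
   "configurations": [{"nodes": [{"cpeMatch": [
       {"criteria": "cpe:2.3:a:examplevendor:exampleapp:1.0:*:*:*:*:*:*:*"}]}]}]}},
 {"cve": {"id": "CVE-0000-0002", "published": "2024-01-02T11:00:00.000",
   "lastModified": "2024-01-02T11:00:00.000",
   "descriptions": [{"lang": "en", "value": "Constructed example B"}],
   "metrics": {}}}]}""")

def parse_cve(item):
    """Flatten one NVD 'vulnerabilities' entry into the alert fields."""
    cve = item["cve"]
    desc = next((d["value"] for d in cve.get("descriptions", [])
                 if d.get("lang") == "en"), "")
    score, severity = None, "UNKNOWN"  # freshly published CVEs are often unscored
    for key in ("cvssMetricV40", "cvssMetricV31", "cvssMetricV30", "cvssMetricV2"):
        entries = cve.get("metrics", {}).get(key)
        if entries:
            data = entries[0]["cvssData"]
            score = data.get("baseScore")
            # CVSS v2 entries keep baseSeverity beside cvssData, not inside it.
            severity = data.get("baseSeverity") or entries[0].get("baseSeverity", "UNKNOWN")
            break
    products = set()
    for cfg in cve.get("configurations", []):
        for node in cfg.get("nodes", []):
            for match in node.get("cpeMatch", []):
                parts = match["criteria"].split(":")  # cpe:2.3:part:vendor:product:...
                if len(parts) > 4:
                    products.add((parts[3], parts[4]))
    return {"cve_id": cve["id"], "description": desc, "severity": severity,
            "cvss_score": score, "published": cve.get("published"),
            "modified": cve.get("lastModified"), "products": sorted(products)}

def matches(alert, severity_filter=None, vendor_filter=None):
    """Apply a subscriber's filters; an empty filter matches everything."""
    if severity_filter and alert["severity"] not in severity_filter:
        return False  # an unscored (UNKNOWN) CVE is dropped by any severity filter
    vendors = {vendor for vendor, _ in alert["products"]}
    return not vendor_filter or bool(vendors & set(vendor_filter))

def select_alerts(payload, severity_filter=None, vendor_filter=None):
    return [a["cve_id"] for a in map(parse_cve, payload["vulnerabilities"])
            if matches(a, severity_filter, vendor_filter)]
```

The second record has no CVSS metrics yet, so a `["HIGH", "CRITICAL"]` severity filter excludes it; a monitoring setup that cares about newly published CVEs needs a separate path for unscored entries.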
The application includes automated background tasks:
- CVE Fetching: Runs every 4 hours to get latest CVE data
- Notifications: Checks every 30 minutes for new alerts to send
- Database Cleanup: Periodic cleanup of old notification logs
- Input Validation: All user inputs are validated and sanitized
- CSRF Protection: Forms include CSRF tokens
- Email Verification: Email addresses are validated
- Rate Limiting: API endpoints can be rate-limited
- Secure Headers: Security headers are set automatically
- Use a production WSGI server:
  pip install gunicorn
  gunicorn -w 4 -b 0.0.0.0:8000 app:app
- Use a production database:
  DATABASE_URL=postgresql://user:password@localhost/zeroday_alerts
- Set up reverse proxy (nginx/Apache)
- Configure SSL/TLS for HTTPS
- Set up monitoring and logging
FROM python:3.9-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . .
EXPOSE 5000
CMD ["gunicorn", "-w", "4", "-b", "0.0.0.0:5000", "app:app"]
- Fork the repository
- Create a feature branch (git checkout -b feature/new-feature)
- Commit your changes (git commit -am 'Add new feature')
- Push to the branch (git push origin feature/new-feature)
- Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Documentation: Check the code comments and docstrings
- Issues: Open an issue on GitHub for bugs or feature requests
- Security: Report security vulnerabilities privately
- NIST NVD: CVE data source
- Flask: Web framework
- Bootstrap: Frontend framework
- Contributors: Thanks to all contributors
Note: This application is for educational and monitoring purposes. Always verify CVE information from official sources before taking action.