Github-CVE-Listener
Get latest CVE EXP/POC from GitHub in WeChat!
Usage
- GitHub
- After that, a repo with the same name will show up in your account. Follow the steps below in your repository
- WeChat ”Server-Chan“
- Telegram Bot
preparations
fork my repo Sign up or log into your GitHub account and click the "fork" button on the page
Create a new GitHub Personal Access Token 1)Go to the New Token Page 2)Set note to
GH_TOKEN , select "repo",set expiration to no expiration,click Generate token ,and remember to COPY AND SAVE your token
Create a new repository secret 1)Go to Setting -> Secrets -> New repository secret,Create 6 secrets: Name them
GH_TOKEN SCKEY TOTAL_COUNT OPTION TG_CHAT_ID TG_TOKEN2)Update the values The value of
GH_TOKEN: Your GitHub Personal Access Token The value of TOTAL_COUNT: 0 * If you want to sent message to WeChat The value of SCKEY: Your SendKey * If you want to sent message to Telegram The value of TG_CHAT_ID: Your ID or the group's ID The value of TG_TOKEN: The bot's token
Run the program
Go to the Action Tab,Click the green button(I understand my workflow...) in the middle
After refreshing the page,you'll see a workflow called
CVE-Monitor,there should be a yellow exclamation mark on itSelect the
CVE-Monitor workflow,You'll see a notice(this schedule was disabled......)Press
enable workflow buttonClick star twice to start the workflow
Go to Action tab ->
CVE-Monitor workflow -> build -> Monitor CVE You'll see the logs of each workflow run, just check if there're any errorsNormally, you'll receive a message now
Last,if the program functioned correctly, secret
TOTAL_COUNT should be updatedOther info
The workflow is currently configured to run every 10 minutes,if you want to change that,go to AutoRun.yml, be sure to read the GitHub Docs.
Tip: GitHub will tell you the meaning of the schedule expression while you are changing it
