Let's imagine you are working as an ethical hacker/penetration tester. You have finished testing the given application and software. You would like to look up some CVE-s for this product. You are observing that your number one site which you always use is down. You have always dreamed to do a better version of that site anyway long time ago.
The followings are the requirements.
- The app should be able to get vulnerability details from the public API (https://cve.circl.lu/api/)
- The app should be able to implement a search function where someone can search for:
- CVE number
- Free text search (e.g. wordpress, microsoft, SQLi, xss, java) which shows all the related vulnerabilities
- The app should be able to show a nice "statistics" about the vulnerabilities per vendor per given year (e.g. microsoft 2017)
- The app should be able to subscribe someone for a "keyword" with e-mail
- For example if someone subscribe for "Wordpress" keyword then the app sends out an e-mail if there is a NEW vulnerability related to Wordpress