Nipper – Cisco PSIRT Manual Resource Update GuideMaking the most of our multiple Award-winning Security Software This guide is to assist with manually updating your Cisco PSIRT resources in Nipper. This guide is split into 4 main parts, 3 of which are manual. The first part and final part of this guide are around using a Python script which will automate the retrieving and updating process:
- You will need to create an account for Cisco API:
If you already have an account, please login.
- Once logged in, select “My Apps & Keys”:
- Then click “Register a New App”:
- Name the application “Cisco PSIRT openVuln API” and tick the “Cisco PSIRT openVuln API” tickbox:
- Tick the Terms of Service agreement at the bottom of the page and click “Register”:
- The application will now be created. Navigate back to “My App & Keys” to see the details under the “Applications” tab:
Once here, if you go the “Applications” tab, you will see your Application you just made, with the 2 key parts you need to copy “Key” and “Client Secret” the ones below will not work, you will need to use your own:
- Open a command window using Start and ‘command’ or ‘cmd’
- Then from here you will need to modify the command below to have your 2 values from your API:
curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=####Key#####" -d "client_secret=####Client Secret####" -d "grant_type=client_credentials"
After you have modified the command above to include your “Key” and “Client Secret”, then you will need to run this in command prompt similar to below:
After doing this, you will get an access token as shown on the last line, you will then need this for command below, you will also need to edit the last parameter to save in a location,
and it will need to be in a JSON format:
curl -X GET -s -k -H "Accept: application/json" -H "Authorization: Bearer ####access_token####" https://api.cisco.com/security/advisories/all > "C:/..."
After this you will see a file show up in the location specified:
- To add the PSIRT file to Nipper, open the Resource Manager by clicking on Manage Resources in the Tools menu.
The PSIRT file currently included is listed in the resource manager in the PSIRT group
As you are replacing a PSIRT file, you will first need to remove the old one, as the Resource Manager will not let you add a new file with the same name. Click on View Details for the file in question and click Remove.
To add the new file, click on New Resource to open the Add Resource wizard. Select the Cisco PSIRT resource type and click Next.
From here, you can select Add File. Add File will open a file explorer dialog and allow you to select the single PSIRT file you wish to add to Nipper.
Once you have added the PSIRT file, click Next to begin adding the file to Nipper. Once this process finishes, you should see the screen below.
Cisco PSIRT Vulnerability Audits run from Nipper will now include your custom PSIRT file.
By using this script it will automatically download the latest PSIRT, and update Nipper. You will need first download the script here: https://bitbucket.org/titanialtd/resource_updater/src. You would need Python 3 for this as well, if it downloaded to system path you will have to do this from the Python Directory.
You are required to have installed python, pip and pipenv.
For information about installing these, see the following links:
After doing this you will need to follow the “Creating the API” part of the guide once all of the requirements have been met and Python and the dependencies have been set up. You will be able to start following the steps below:
- Open a command prompt and navigate to the directory with the python file
- Run pipenv install to download the python modules needed to run.
- Once complete, run “pipenv run update_psirt.py”
- When prompted, enter your Cisco PSIRT API id and secret, obtainable with a free Cisco account from https://apiconsole.cisco.com/apps/mykeys.
- When prompted, enter the path to the directory Nipper is installed to. Do not include the executable. E.g. C:\Program Files\NipperStudio
- Nipper will now be updated with an up-to-date PSIRT resource file.