cve-search

cve-search - a tool to perform local searches for known vulnerabilities

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

OSINT tool - gets data from services like shodan, censys etc. in one app

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Finding potential software vulnerabilities from git commit messages

SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.

Unofficial api for cve.mitre.org

Collection of PowerShell functinos and scripts a Blue Teamer might use

lightweight CVE search

CveXplore

An open source software directory and release tracker.

An unofficial, RESTful API for NIST's NVD

Exploits for various CVEs

CVEs <--> Metasploit-Framework modules

CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.

JitterBug passively searches for Basic Info, open ports, potential CVE's on the given Target IP in third party databases without Direct interaction with the target

Get new vulnerability alerts daily straight to your slack channel using GitHub Actions.

Get all cve corresponding to a specific keyword or a list of keywords from the mitre database (https://cve.mitre.org/)

Odoo 12.0 allows remote attackers to read local files.

IP-Finder is an Open Source Intelligence (OSINT) tool that helps collect IPs of Companies, Servers, Operating Systems and much more. It also reports all CVEs (with the associated Metasploit module to run) for which different endpoints are affected. This tool uses some of the best search engines (Shodan.io, ZoomEye.org and Censys.io)

FileRun application has many vulnerabilities such as cross-site scripting, open redirection, directory listing..

A Script to find fixes for CVE ids by parsing nvd website and respective git repository log.

Exploit-db (is NOT the official APP).

It is a Splunk App that pulls down CVE information from the National Vulnerability Database using its new JSON 1.0 feed. The app extracts CVE information, its impact, affected products, vendors and associated advisory and references. It could be a great addition to enrich data that your security team already looks into for creating very informative correlation.

Search a CVE based on a product name and version

An online catalog to compare cryptographic libraries

MidnightBSD security advisory client

CERT/CC's fork of the official Exploit Database repository in which we are tagging commits that include vulnerability IDs. The first commit for an ID we recognize gets the tag for that ID. Aside from adding git tags, we do not otherwise modify the code. Updates hourly.

CERT/CC's fork of Metasploit Framework in which we are tagging commits that include vulnerability IDs. The first commit for an ID we recognize gets the tag for that ID. Aside from adding git tags, we do not otherwise modify the code. Updates hourly.