110 Open source projects that are alternatives of or similar to nvdcve

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

✍️ A curated list of CVE PoCs.

👮 Security advisories of Nextcloud

Containing Self Made Perl Reproducers / PoC Codes

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

OSINT tool - gets data from services like shodan, censys etc. in one app

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

鹿不在侧，鲸不予游🐋

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

A collection of JavaScript engine CVEs with PoCs

REST API backend for Reconmap

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

A simple framework for sending test payloads for known web CVEs.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Multi source CVE/exploit parser.

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

一些漏洞分析

The clever vulnerability dependency finder

威胁情报播报（停止运营）

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

Hourly updated database of exploit and exploitation reports

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Extraction of iMessage Data via XSS

Modified Nuclei Templates Version to FUZZ Host Header

This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.

The knife of the Admin & Security auditor

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

漏洞研究

Original Automated CVE Checking Tool

Vulnerability (CVE) scanner for Nix/NixOS.

A collection of my public security advisories.

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

CVE-2021-27928 MariaDB/MySQL-'wsrep provider' 命令注入漏洞

pigat ( Passive Intelligence Gathering Aggregation Tool ) 被动信息收集聚合工具

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

A simple Java command-line utility to mirror the CVE JSON data from NIST.

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

cve-search - a tool to perform local searches for known vulnerabilities

Some personal exploits/pocs

汽车/安卓/固件/代码安全测试工具集

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

Red Hat Dependency Analytics extension

PatrowlHears - Vulnerability Intelligence Center / Exploits

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

A social experiment

Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm.

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Extensible framework for analyzing publicly available information about vulnerabilities

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

A simple Java command-line utility to mirror the entire contents of VulnDB.