451 Open source projects that are alternatives of or similar to Vulnerability Data Archive

The Correlated CVE Vulnerability And Threat Intelligence Database API

PatrowlHears - Vulnerability Intelligence Center / Exploits

Vulnerability (CVE) scanner for Nix/NixOS.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Defund the Police.

Imports Alienvault OTX pulses to a MISP instance

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

🔪Browser logic vulnerabilities ☠️

Best practices in threat intelligence

Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.

Domain name permutation engine written in Go

This repo contains logstash of various honeypots

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

MISP trainings, threat intel and information sharing training materials with source code

Standard-Format Threat Intelligence Feeds

Vulnerability Labs for security analysis

Tracking APT IOCs

A collection of JavaScript engine CVEs with PoCs

Extensible framework for analyzing publicly available information about vulnerabilities

漏洞研究

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Exploiting Edge's read:// urlhandler

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Poc Collected for study and develop

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

A dashboard for a real-time overview of threat intelligence from MISP instances

Utilities for Sysmon

🚌 The missing link to connect open-source threat intelligence tools.

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

Extraction of iMessage Data via XSS

CLI tool for open source and threat intelligence

Original Automated CVE Checking Tool

REST API backend for Reconmap

汽车/安卓/固件/代码安全测试工具集

recon-ng modules for Censys

internet monitoring osint telegram bot for windows

A collection of my public security advisories.

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

ES File Explorer Open Port Vulnerability - CVE-2019-6447

一些漏洞分析

Threat research and reporting from IronNet's Threat Research Teams

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

A simple threat hunting tool based on osquery, Salt Open and Cymon API

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

Defanged Indicator of Compromise (IOC) Extractor.

Log4j Vulnerability Scanner for Windows

Real-time HTTP Intrusion Detection

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Extract and aggregate threat intelligence.