Skip to content

This tool will help you to find CVEs, exploits, or possible 0-Days for a specific technology.

License

Notifications You must be signed in to change notification settings

mirak-kimko/VulnerabilitySearcher

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

VulnerabilitySearcher

This tool will help you to find CVEs, exploits, or possible 0-Days for a specific technology.

First Steps

  1. Install Python3 on your system
  2. Install required libraries using pip3 install -r requirements.txt
  3. Run VulnerabilitySearcher using python3 vulnerabilitySearcher.py

Description

This Python script serves as a comprehensive tool for searching and retrieving information about vulnerabilities associated with specific technology components and versions. It performs the following tasks:

Finding Common Platform Enumeration (CPE) Strings: Utilizes the National Vulnerability Database (NVD) API to search for CPE strings based on provided technology names and versions.

Querying Snyk Database: Queries the Snyk database to discover vulnerabilities associated with provided CVE IDs.

Searching for Exploits: Utilizes the searchsploit command-line tool to search for exploits related to provided CVE IDs.

Fetching CVE Details: Retrieves details of Common Vulnerabilities and Exposures (CVEs) associated with CPE strings from the NVD API.

Fetching GitHub URLs: Retrieves GitHub URLs containing public exploits or proofs of concept (POCs) related to CVEs.

Searching and Extracting Download Links: Searches Packet Storm Security for download links to possible exploits, irrespective of CPE string availability.

Searching Marc.Info: Searches Marc.Info for possible exploits linked to provided technology names and versions.

Contact

You can reach me via email at karim@mirak.me or visit my website www.mirak.me.

Packages

No packages published

Languages