cve-search - a tool to perform local searches for known vulnerabilities

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

PatrowlHears - Vulnerability Intelligence Center / Exploits

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.

A suite of utilities to help with software supply chain challenges on nix targets

The knife of the Admin & Security auditor

Repository for the IPvSeeYou talk at Black Hat 2021

A search engine on information delivered by OSINT sources to support Vulnerability Assessment

A small Python wrapper to download data using cve2stix and cpe2stix.

A Python 🐍 script to swiftly lookup CVEs from CPEs, uncovering software vulnerabilities by severity 🔍🛡️

This project contains programs that will create a database of the programs installed on your PC, and match them against the NIST's CPEs (identification of software) and CVEs (vulnerabilities of software) dictionaries.

Vulmatch is a database of CVEs in STIX 2.1 format with a REST API wrapper to access them.

NIST CPE CVE Known Vulnerabilities Scanner

NSVS (Network service vulnerability scanner) is for my AQA Computer Science A-level NEA using the USA's national vulnerability database (NVD).

return results known vulnerabilities by calling NVD NIST API

A command line tool that turns NVD CPE records into STIX 2.1 Objects.

A Python 3 script that gets CPE URIs based on COTS names, and puts them in a CSV output file.