The Correlated CVE Vulnerability And Threat Intelligence Database API

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Protocol Learning and Stateful Fuzzing

PatrowlHears - Vulnerability Intelligence Center / Exploits

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.

Revisiting Graph Neural Networks for Vulnerability Detection (ICSE 2022) (Pytorch)

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Vulnerability Discovery with Function Representation Learning from Unlabeled Projects

VulDB Python scripts to fetch data via API

Network/WebApplication Information Gathering, Enumeration and Vulnerability Scanning (Under Development)

CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.

WP-Exploiter is a tool for testing and exploiting a wide range of WordPress websites.

A CVRF CSAF Converter, taking care about OASIS specification.

ReconHound is a Python-based web reconnaissance tool designed for penetration testers, bug bounty hunters, and ethical hackers. It supports directory and file enumeration, subdomain enumeration, fuzzing, and virtual host (vhost) discovery.

Simple and extensible fuzzer

Exploit code for Vulnerable IoT Demonstrator

The Vulnerability Scanner is a Django-based application that scans websites for security vulnerabilities, providing insights into potential weaknesses such as SQL Injection, XSS, and CSRF issues. Users receive a detailed analysis and site safety score, helping them enhance their web security posture.

This project contains programs that will create a database of the programs installed on your PC, and match them against the NIST's CPEs (identification of software) and CVEs (vulnerabilities of software) dictionaries.