Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
-
Updated
Aug 6, 2024
Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
CVE-ICU is a research project that automatically pulls all CVE data from the NVD and performs fundamental data analysis and graphing.
Daily archiver & triage issue creator for new releases of CISA's Known Exploited Vulnerabilities list
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
DetectiveAttacks aims to simplify the process of mitigating cyber attacks directed toward digital infrastructure.
cwe_checker finds vulnerable patterns in binary executables
Various prompt templates for automatic program repair using LLMs
The CWE Calculator enables software development teams to score and prioritize discovered weaknesses empirically based on data in the National Vulnerability Database (NVD).
A small script that creates relationships between common CTI knowledge-bases in STIX 2.1 format.
Visualization of CWE tree structure & navigation between weaknesses
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
"Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyber Hunting" by Erik Hemberg, Jonathan Kelly, Michal Shlapentokh-Rothman, Bryn Reinstadler, Katherine Xu, Nick Rutar, Una-May O'Reilly
CISA Known Exploited Vulnerabilities Catalog Enrichment
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Corax for Java: A general static analysis framework for java code checking.
Vulnogram is a tool for creating and editing CVE information in CVE JSON format
Development of the NIST vulnerability data ontology (Vulntology).
Add a description, image, and links to the cwe topic page so that developers can more easily learn about it.
To associate your repository with the cwe topic, visit your repo's landing page and select "manage topics."