CERTCC/PoC-Exploits CERTCC/PoC-Exploits

  • This repository has been archived on 15/May/2024
  • Stars
    star
    180
  • Rank 211,830 (Top 5 %)
  • Language
    Python
  • License
    BSD 3-Clause "New...
  • Created over 4 years ago
  • Updated 4 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
CERTCC/PoC-Exploits
github

CERTCC

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.

PoC-Exploits

Select proof-of-concept exploits and intrusion detection rules for software vulnerabilities to help in identifying, testing and mitigating vulnerable systems.

The PoC is organized by CVE or by VU# when multiple inter-related CVE are published by CERT/CC under one VU#

More Repositories

1

CVE-2021-44228_scanner

Scanners for Jar files that may be vulnerable to CVE-2021-44228
PowerShell
343
star
2

keyfinder

A tool for finding and analyzing private (and public) key files, including support for Android APK files.
Python
266
star
3

certfuzz

This project contains the source code for the CERT Basic Fuzzing Framework (BFF) and the CERT Failure Observation Engine (FOE).
Python
262
star
4

trommel

TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Indicators
Python
204
star
5

tapioca

CERT Tapioca for MITM network analysis
Python
180
star
6

SSVC

Stakeholder-Specific Vulnerability Categorization
Python
127
star
7

labyrinth

Come inside, and have a nice cup of tea.
96
star
8

Vulnerability-Data-Archive

With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
87
star
9

privesc

Process Monitor filter for finding privilege escalation vulnerabilities on Windows
77
star
10

SBOM

Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
JavaScript
57
star
11

VINCE

VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.
Python
53
star
12

dranzer

Dranzer is a tool that enables users to examine effective techniques for fuzz testing ActiveX controls
C++
32
star
13

Vulnerability-Data-Archive-Tools

Tools for working with the CERT Vulnerability Data Archive. See also https://github.com/CERTCC/Vulnerability-Data-Archive
Python
19
star
14

cveClient

A client and library to cve-services 2.x to provide CVE management for CNA and CERTs
JavaScript
17
star
15

Vultron

Vultron is a protocol for Coordinated Vulnerability Disclosure
Python
10
star
16

vulnerability_disclosure_policy_templates

A collection of templates for generating vulnerability disclosure policies. (NOTE: As of 2024, these templates are now part of the CERT Guide to Coordinated Vulnerability Disclosure, see link in README.)
9
star
17

CERT-Guide-to-CVD

Content for the CERT Guide to Coordinated Vulnerability Disclosure
Shell
7
star
18

UEFI-Analysis-Resources

Documentation, examples, and other resources regarding analyzing EDK2 based UEFI firmware
PHP
6
star
19

Linux-Kernel-Analysis-Environment

Container-based environment for debugging and analyzing Linux kernels using QEMU and GDB
Shell
5
star
20

git_vul_driller

Drills through git commit histories to find vulnerability IDs in change logs.
Jupyter Notebook
3
star
21

ip6tables-configuration

Automatically exported from code.google.com/p/ip6tables-configuration
Shell
3
star
22

metasploit_json_parser

Parser for the JSON database included in metasploit-framework that emits a CSV file of modules keyed by vulnerability IDs and references. NOTE: Superseded by git_vul_driller linked below.
Python
2
star
23

Syzbot-Repro-Runner

Automatically build and run a custom kernel and crasher from a syzbot report
Python
1
star