There are no reviews yet. Be the first to send feedback to the community and the maintainers!
CVE-2021-44228_scanner
Scanners for Jar files that may be vulnerable to CVE-2021-44228keyfinder
A tool for finding and analyzing private (and public) key files, including support for Android APK files.certfuzz
This project contains the source code for the CERT Basic Fuzzing Framework (BFF) and the CERT Failure Observation Engine (FOE).trommel
TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Indicatorstapioca
CERT Tapioca for MITM network analysisPoC-Exploits
Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.SSVC
Stakeholder-Specific Vulnerability Categorizationlabyrinth
Come inside, and have a nice cup of tea.Vulnerability-Data-Archive
With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Toolsprivesc
Process Monitor filter for finding privilege escalation vulnerabilities on WindowsSBOM
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & dataVINCE
VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.dranzer
Dranzer is a tool that enables users to examine effective techniques for fuzz testing ActiveX controlsVulnerability-Data-Archive-Tools
Tools for working with the CERT Vulnerability Data Archive. See also https://github.com/CERTCC/Vulnerability-Data-ArchivecveClient
A client and library to cve-services 2.x to provide CVE management for CNA and CERTsvulnerability_disclosure_policy_templates
A collection of templates for generating vulnerability disclosure policies. (NOTE: As of 2024, these templates are now part of the CERT Guide to Coordinated Vulnerability Disclosure, see link in README.)CERT-Guide-to-CVD
Content for the CERT Guide to Coordinated Vulnerability DisclosureUEFI-Analysis-Resources
Documentation, examples, and other resources regarding analyzing EDK2 based UEFI firmwareLinux-Kernel-Analysis-Environment
Container-based environment for debugging and analyzing Linux kernels using QEMU and GDBgit_vul_driller
Drills through git commit histories to find vulnerability IDs in change logs.ip6tables-configuration
Automatically exported from code.google.com/p/ip6tables-configurationmetasploit_json_parser
Parser for the JSON database included in metasploit-framework that emits a CSV file of modules keyed by vulnerability IDs and references. NOTE: Superseded by git_vul_driller linked below.Syzbot-Repro-Runner
Automatically build and run a custom kernel and crasher from a syzbot reportLove Open Source and this site? Check out how you can help us