• This repository has been archived on 25/Apr/2024
  • Stars
    star
    9
  • Rank 1,939,727 (Top 39 %)
  • Language
  • License
    MIT License
  • Created almost 5 years ago
  • Updated 7 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A collection of templates for generating vulnerability disclosure policies. (NOTE: As of 2024, these templates are now part of the CERT Guide to Coordinated Vulnerability Disclosure, see link in README.)

More Repositories

1

CVE-2021-44228_scanner

Scanners for Jar files that may be vulnerable to CVE-2021-44228
PowerShell
343
star
2

keyfinder

A tool for finding and analyzing private (and public) key files, including support for Android APK files.
Python
266
star
3

certfuzz

This project contains the source code for the CERT Basic Fuzzing Framework (BFF) and the CERT Failure Observation Engine (FOE).
Python
262
star
4

trommel

TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Indicators
Python
204
star
5

tapioca

CERT Tapioca for MITM network analysis
Python
180
star
6

PoC-Exploits

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.
Python
180
star
7

SSVC

Stakeholder-Specific Vulnerability Categorization
Python
127
star
8

labyrinth

Come inside, and have a nice cup of tea.
96
star
9

Vulnerability-Data-Archive

With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
87
star
10

privesc

Process Monitor filter for finding privilege escalation vulnerabilities on Windows
77
star
11

SBOM

Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
JavaScript
57
star
12

VINCE

VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.
Python
53
star
13

dranzer

Dranzer is a tool that enables users to examine effective techniques for fuzz testing ActiveX controls
C++
32
star
14

Vulnerability-Data-Archive-Tools

Tools for working with the CERT Vulnerability Data Archive. See also https://github.com/CERTCC/Vulnerability-Data-Archive
Python
19
star
15

cveClient

A client and library to cve-services 2.x to provide CVE management for CNA and CERTs
JavaScript
17
star
16

Vultron

Vultron is a protocol for Coordinated Vulnerability Disclosure
Python
10
star
17

CERT-Guide-to-CVD

Content for the CERT Guide to Coordinated Vulnerability Disclosure
Shell
7
star
18

UEFI-Analysis-Resources

Documentation, examples, and other resources regarding analyzing EDK2 based UEFI firmware
PHP
6
star
19

Linux-Kernel-Analysis-Environment

Container-based environment for debugging and analyzing Linux kernels using QEMU and GDB
Shell
5
star
20

git_vul_driller

Drills through git commit histories to find vulnerability IDs in change logs.
Jupyter Notebook
3
star
21

ip6tables-configuration

Automatically exported from code.google.com/p/ip6tables-configuration
Shell
3
star
22

metasploit_json_parser

Parser for the JSON database included in metasploit-framework that emits a CSV file of modules keyed by vulnerability IDs and references. NOTE: Superseded by git_vul_driller linked below.
Python
2
star
23

Syzbot-Repro-Runner

Automatically build and run a custom kernel and crasher from a syzbot report
Python
1
star