CISA CSAF Security Advisories
☆96Feb 26, 2026Updated this week
Alternatives and similar repositories for CSAF
Users that are interested in CSAF are comparing it to the libraries listed below
Sorting:
- A repo to conduct vulnerability enrichment.☆733Updated this week
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…☆15Dec 24, 2023Updated 2 years ago
- A risk rating calculation methodology that uses the OWASP Risk Rating Methodology as a basis.☆32Sep 4, 2024Updated last year
- OASIS TC Open Repository: A GitHub repository for management of non-normative information about the work of the CSAF Technical Committee,…☆21Feb 13, 2026Updated 2 weeks ago
- Stakeholder-Specific Vulnerability Categorization☆175Updated this week
- CISA Known Exploited Vulnerabilities Catalog Enrichment☆19Jun 24, 2024Updated last year
- Secvisogram is a web tool for creating and editing security advisories in the CSAF 2.0 format☆41Feb 25, 2026Updated last week
- Build, edit, validate, and export CycloneDX BOMs through an intuitive browser-based interface☆14Updated this week
- ☆10May 12, 2022Updated 3 years ago
- CISA is hiring! We’re looking for candidates passionate about our mission to lead the national effort to understand and manage cyber and …☆75Nov 20, 2024Updated last year
- Threat Modeling Manifesto☆30Jul 18, 2024Updated last year
- Passive Bitcoin Project☆10Aug 10, 2015Updated 10 years ago
- Manage collection of SBOMs (Software Bill of Materials)☆14Mar 25, 2024Updated last year
- Quick lookup files for SUNBURST Backdoor☆12Dec 15, 2020Updated 5 years ago
- ☆75Apr 3, 2025Updated 11 months ago
- Open-source CMDB for ICS and OT environments — map assets, visualize networks, track changes, and keep control.☆49Feb 12, 2026Updated 2 weeks ago
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners☆14Updated this week
- Offensive Terraform module which creates an IAM role with trust relationship with attacker's AWS account and attaches managed IAM Policy …☆12Sep 18, 2020Updated 5 years ago
- Sentinel Recon Tools Workbook☆14Aug 24, 2022Updated 3 years ago
- OXA - Open XDR architecture☆12Apr 1, 2025Updated 11 months ago
- ☆10May 25, 2023Updated 2 years ago
- Tools to download or provide CSAF (Common Security Advisory Framework) documents.☆57Dec 18, 2025Updated 2 months ago
- Modular framework for file information extraction and dependency analysis to generate accurate SBOMs☆39Updated this week
- OpenSSF Project Template☆23Nov 29, 2023Updated 2 years ago
- A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…☆11Aug 14, 2025Updated 6 months ago
- GitHub Action to get a license overview in SPDX format☆14Dec 24, 2021Updated 4 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- A Microsoft Threat Modelling tool template for ICS threat modelling☆13Aug 20, 2020Updated 5 years ago
- A tool to generate datasets and models based on vulnerabilities descriptions from @Vulnerability-Lookup.☆23Feb 19, 2026Updated last week
- ☆102Sep 27, 2024Updated last year
- OASIS OpenEoX TC: The purpose of this repository is to support version control for Work Product artifacts developed by members of the OAS…☆45Feb 23, 2026Updated last week
- AIL project training materials☆39Feb 24, 2026Updated last week
- Vulnogram is the tool for reserving, managing, and publishing CVEs. Get started at vulnogram.org or deploy Docker edition for full enterp…☆214Updated this week
- Utility that converts SBOM documents from CycloneDX to SPDX☆33Jan 19, 2024Updated 2 years ago
- Deploy multiple instances of Nessus in docker containers easily☆20Mar 31, 2021Updated 4 years ago
- Amazon Web Services (AWS) Microsoft Threat Modeling Tool Template☆16Aug 19, 2021Updated 4 years ago
- misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based…☆19Jan 9, 2026Updated last month
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆218Oct 21, 2025Updated 4 months ago
- A collection of data fetchers, and simple quarterly and yearly CVE forecasting models.☆46Oct 1, 2025Updated 5 months ago