cisagov / vulnrichmentLinks
A repo to conduct vulnerability enrichment.
☆716Updated last week
Alternatives and similar repositories for vulnrichment
Users that are interested in vulnrichment are comparing it to the libraries listed below
Sorting:
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…☆459Updated this week
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre…☆682Updated 3 weeks ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆438Updated last week
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆1,205Updated last month
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆215Updated last week
- A curated list of annual cyber security reports☆951Updated this week
- blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-o…☆429Updated 2 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆296Updated last week
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆710Updated 2 months ago
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…☆204Updated last week
- Global Security Database☆317Updated last year
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆83Updated last year
- OWASP Foundation Web Respository☆345Updated this week
- Galah: An LLM-powered web honeypot.☆631Updated 6 months ago
- Open source templates you can use to bootstrap your security programs☆885Updated last month
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆959Updated last week
- A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigatin…☆479Updated 7 months ago
- ☆380Updated last year
- OSV-SCALIBR: A library for Software Composition Analysis☆560Updated this week
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆373Updated 4 months ago
- CISA CSAF Security Advisories☆93Updated last week
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endo…☆201Updated this week
- An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRI…☆966Updated last month
- Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated d…☆263Updated this week
- Stakeholder-Specific Vulnerability Categorization☆168Updated this week
- A scalable file analysis and data generation platform that allows users to easily orchestrate arbitrary docker/vm/shell tools at scale.☆973Updated 3 weeks ago
- A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE AT…☆1,206Updated last week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆596Updated 9 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆139Updated 2 years ago
- Threat-hunting tool for Linux☆1,033Updated last week