cisagov / vulnrichmentLinks
A repo to conduct vulnerability enrichment.
☆651Updated this week
Alternatives and similar repositories for vulnrichment
Users that are interested in vulnrichment are comparing it to the libraries listed below
Sorting:
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre…☆654Updated 3 months ago
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…☆332Updated last week
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆207Updated this week
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆1,163Updated last month
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…☆388Updated last month
- OWASP Foundation Web Respository☆282Updated 2 weeks ago
- Open source templates you can use to bootstrap your security programs☆859Updated last month
- 💀 Don't fear the Reaper 👻☆553Updated last week
- A curated list of annual cyber security reports☆568Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆316Updated this week
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆78Updated last year
- Gram is Klarna's own threat model diagramming tool☆319Updated this week
- OSV-SCALIBR: A library for Software Composition Analysis☆355Updated this week
- Global Security Database☆319Updated last year
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆662Updated last week
- Galah: An LLM-powered web honeypot.☆551Updated last month
- Stakeholder-Specific Vulnerability Categorization☆153Updated this week
- An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRI…☆777Updated 3 weeks ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆212Updated this week
- Open Source Package Analysis☆834Updated 2 months ago
- ☆370Updated last year
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆317Updated this week
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…☆696Updated 5 months ago
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endo…☆166Updated this week
- OCSF Schema☆706Updated 2 weeks ago
- Open Adversary Exposure Validation Platform☆1,077Updated this week
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆758Updated 3 weeks ago
- A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE AT…☆1,188Updated 3 weeks ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆530Updated 4 months ago
- CISA CSAF Security Advisories☆74Updated this week