cisagov / vulnrichmentLinks
A repo to conduct vulnerability enrichment.
☆662Updated this week
Alternatives and similar repositories for vulnrichment
Users that are interested in vulnrichment are comparing it to the libraries listed below
Sorting:
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…☆346Updated this week
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre…☆658Updated 2 weeks ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆1,169Updated 2 months ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆209Updated this week
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆668Updated this week
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…☆394Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆322Updated this week
- Open source templates you can use to bootstrap your security programs☆861Updated 2 months ago
- Galah: An LLM-powered web honeypot.☆564Updated last week
- CISA CSAF Security Advisories☆79Updated this week
- Stakeholder-Specific Vulnerability Categorization☆156Updated this week
- 💀 Don't fear the Reaper 👻☆563Updated this week
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆78Updated last year
- A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE AT…☆1,192Updated last month
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endo…☆171Updated this week
- A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigatin…☆439Updated last month
- Gram is Klarna's own threat model diagramming tool☆322Updated last week
- OWASP Foundation Web Respository☆286Updated last week
- A curated list of annual cyber security reports☆590Updated this week
- Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threa…☆1,359Updated last month
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…☆178Updated this week
- An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRI…☆794Updated last month
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆391Updated last week
- ☆370Updated last year
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,150Updated this week
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…☆695Updated 6 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆324Updated 3 weeks ago
- Global Security Database☆319Updated last year
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆281Updated last year
- ☆296Updated 3 weeks ago