fkie-cad / nvd-json-data-feeds
Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endorsed nor certified by the NVD.
☆107Updated this week
Related projects: ⓘ
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆126Updated this week
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers…☆92Updated last week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆123Updated 7 months ago
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)☆37Updated last month
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆229Updated this week
- A source code static analysis platform for AppSec enthusiasts.☆199Updated this week
- ☆172Updated 6 months ago
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆130Updated this week
- Tool to guess CPE name based on common software name☆66Updated 5 months ago
- GTFOArgs is a curated list of programs and their associated arguments that can be exploited to gain privileged access or execute arbitrar…☆119Updated 3 weeks ago
- Downloads Information from NIST (CVSS), first.org (EPSS), and CISA (Exploited Vulnerabilities) and combines them into one list. Reports f…☆136Updated last year
- Manager of third-party sources of Semgrep rules 🗂☆73Updated last month
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆250Updated 2 months ago
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆64Updated 4 months ago
- ☆108Updated last year
- boostsecurityio/lotp☆97Updated 5 months ago
- Find CVE PoCs on GitHub☆136Updated 11 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆95Updated 7 months ago
- Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆46Updated 2 weeks ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆151Updated 3 weeks ago
- Hourly updated database of exploit and exploitation reports☆231Updated this week
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆127Updated last year
- OSS-Fuzz vulnerabilities for OSV.☆129Updated this week
- NVD/CVE as JSON files☆105Updated this week
- Collection of community-driven CodeQL query, library and extension packs☆64Updated 3 weeks ago
- 🔍A dependency-aware GraphQL API fuzzing tool☆120Updated this week
- Global Security Database☆305Updated 4 months ago
- an extension for Burp Suite to allow researchers to utilize GPT for analys is of HTTP requests and responses☆88Updated last year
- Demonstrates how a malicious dependency could negatively impact the build output.☆23Updated last year
- ☆115Updated last year