/CVESeeker

Unveiling Cyber Threats: From assets to Vulnerability Insights

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

Banner

CVE Seeker - Unveiling Cyber Threats: From Assets to Vulnerability Insights

A comprehensive tool for passive asset scanning, identifying associated CVEs, and finding publicly available proof-of-concept (POC) exploits on GitHub.

Features

  • The whole script uses the passive method to identify CVE via Shodan's free API.
  • Resolves domains to IPs.
  • Identifies open ports for each IP.
  • Fetches CVEs for each IP.
  • Retrieves POCs for identified CVEs (Supports Github currently).
  • Reverse CVE to POC Lookup

Installation

  1. Clone the repository:

    git clone https://github.com/anmolksachan/CVESeeker && cd CVESeeker

  2. Install the required libraries:

    pip3 install -r requirements.txt

  3. Ensure you have colorama installed for colorful terminal output:

    pip install colorama

  4. One line installer:

    git clone https://github.com/anmolksachan/CVESeeker && cd CVESeeker && pip3 install -r requirements.txt && echo "We are ready to seek sailor! " && python3 cveSeeker.py

Usage

$ python3 cveSeeker.py --file <input_file> --project <project_name>
--file:             Input file containing domains / IPs (one per line).
--project:          Project name for storing results.
-cve CVE-ID         CVE ID for fetching POCs

Example

image

Passive Scanner : Asset -> CVE -> POC Lookup

CVESeekerPOCDemo-PassivenmaplikescannertofetchCVEsPOCfromgithub

CVE Reverse POC Lookup

image

Watch Full Demo Here

Watch Here!

License

This project is licensed - see the LICENSE file for details.

Note

Feel free to enhance, modify, or contribute to this script to suit your needs and explore more security-related projects!

Want to support my work?

Give me a Star in the repository or follow me @FR13ND0x7F , that's enough for me :P

Contact

Shoot my DM : @FR13ND0x7F

Coded with ❤️ by Anmol K Sachan (@FR13ND0x7F)