cpe

cve-search/cve-search

cve-search - a tool to perform local searches for known vulnerabilities

OpenSCAP/openscap

NIST Certified SCAP 1.2 toolkit

aboutcode-org/vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

CycloneDX/specification

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX

dbarzin/mercator

Mapping the information system / Cartographie du système d'information

stevespringett/nist-data-mirror

A simple Java command-line utility to mirror the CVE JSON data from NIST.

tiiuae/sbomnix

A suite of utilities to help with software supply chain challenges on nix targets

Patrowl/PatrowlHears

PatrowlHears - Vulnerability Intelligence Center / Exploits

Patrowl/PatrowlHearsData

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

pinterest/it-cpe-cookbooks

A suite of Chef cookbooks that we use to manage our fleet of client devices

CA17/TeamsACS

TeamsACS exclusively serves Mikrotik's TR069 ACS server

SpiderLabs/cve_server

Simple REST-style web service for the CVE searching

BBVA/patton

The clever vulnerability dependency finder

6int/IPvSeeYou

Repository for the IPvSeeYou talk at Black Hat 2021

fkie-cad/iva

IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.

amberzovitis/GraphKer

Open Source Tool - Cybersecurity Graph Database in Neo4j

abuyv/exposor

Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax.

binareio/FastCVE

FastCVE: A Dockerized CVE search tool with API and CLI support for security vulnerability queries.

stevespringett/CPE-Parser

A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST

Talal916/CSUS-CPE-CSC-EEE-Materials

Homework, labs, tests for a variety of classes. Feel free to share. California State University, Sacramento

BBVA/patton-cli

The knife of the Admin & Security auditor

kube-security/orca

This repository contains the container image scanning tool ORCA

knqyf263/go-cpe

A Go library for CPE (A Common Platform Enumeration 2.3)

pandatix/nvdapi

Unofficial but convenient Go wrapper around the NVD REST JSON API

VexStore/fatbom

fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool's strength.

Estayparadox/Epitech-Bundle

A curated list of awesome tools used by Epitech students and projects developed at Epitech.

mhils/tr069

arguio/SoftwareCPE-CVEMatcher

This project contains programs that will create a database of the programs installed on your PC, and match them against the NIST's CPEs (identification of software) and CVEs (vulnerabilities of software) dictionaries.

emo-crab/scap-rs

National Vulnerability Database (NVD) implemented by rust

antonioforte1995/VISE

A search engine on information delivered by OSINT sources to support Vulnerability Assessment

udaykor/vulnhub

Search NVD locally

phosphore/CWMPwn

Leveraging CWMP (CPE WAN Management Protocol) to extract vendor specific secrets and configurations from CPEs

r-net-tools/net.security

Security R package with a set of utils to analyse the different industry standards (MITRE and NIST).

1chooo/code

A LeetCode a day, keep rejection away | Code with Hugo 🫡

shlin168/go-nvd

Tools to dump CVE/CPE data from NVD to database, and run API server on top of that