cwe

There are 82 repositories under cwe topic.

  • Mobile-Security-Framework-MobSF

    MobSF/Mobile-Security-Framework-MobSF

    Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

    Language:JavaScript19.4k5941.5k3.5k
  • find-sec-bugs

    find-sec-bugs/find-sec-bugs

    The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

    Language:Java2.4k88440483

  • fkie-cad/cwe_checker

    cwe_checker finds vulnerable patterns in binary executables

    Language:Rust1.3k28107134

  • toolswatch/vFeed

    The Correlated CVE Vulnerability And Threat Intelligence Database API

    Language:Python94811370242

  • KTZgraph/sarenka

    OSINT tool - gets data from services like shodan, censys etc. in one app

    Language:Python647241487

  • reconmap/pentest-reports

    Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

    Language:JavaScript2667456

  • Feysh-Group/corax-community

    Corax for Java: A general static analysis framework for java code checking.

    Language:Kotlin2554622
  • CVE2CAPEC

    Galeax/CVE2CAPEC

    Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated daily. Showcased at BlackHat Europe 2025 Arsenal.

    Language:Python2233736
  • Vulnogram

    Vulnogram/Vulnogram

    Vulnogram is a tool for creating and editing CVE information in CVE JSON format

    Language:JavaScript199912957

  • Patrowl/PatrowlHearsData

    Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

    Language:Python13613338

  • jeemok/better-npm-audit

    The goal of this project is to provide additional features on top of the existing npm audit options

    Language:TypeScript12544326

  • vfeedio/pyvfeed

    Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions

    Language:Python1026419

  • ALFA-group/BRON

    "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyber Hunting" by Erik Hemberg, Jonathan Kelly, Michal Shlapentokh-Rothman, Bryn Reinstadler, Katherine Xu, Nick Rutar, Una-May O'Reilly

    Language:Python9692127

  • sickcodes/security

    Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.

    Language:Shell8911219
  • SecurityEval

    s2e-lab/SecurityEval

    Repository for "SecurityEval Dataset: Mining Vulnerability Examples to Evaluate Machine Learning-Based Code Generation Techniques" published in MSR4P&S'22.

    Language:Python761214

  • amberzovitis/GraphKer

    Open Source Tool - Cybersecurity Graph Database in Neo4j

    Language:Cypher634113

  • OWASP/cwe-tool

    A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

    Language:JavaScript625324

  • binareio/FastCVE

    FastCVE: A Dockerized CVE search tool with API and CLI support for security vulnerability queries.

    Language:Python575612

  • usnistgov/vulntology

    Development of the NIST vulnerability data ontology (Vulntology).

    Language:JavaScript422010213

  • tobyash86/WebGoat.NET

    WebGoat.NETCore - port of original WebGoat.NET to .NET Core

    Language:C#38535139

  • hrbrmstr/cisa-known-exploited-vulns

    Daily archiver & triage issue creator for new releases of CISA's Known Exploited Vulnerabilities list

    Language:HTML37565

  • OWASP/cwe-sdk-javascript

    A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

    Language:JavaScript334610

  • justakazh/CVE_Database

    The Common Vulnerabilities Exposures (CVE) Database

    313014

  • ispras/juliet-dynamic

    Juliet C/C++ Dynamic Test Suite

    30727

  • Hack23/sonar-cloudformation-plugin

    Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov

    Language:Java261689

  • Yuning-J/VulnerabilityClassifier

    Severity scoring and exploit categorisation for vulnerability reports using machine-learning tools.

    Language:Jupyter Notebook24118

  • emo-crab/scap-rs

    National Vulnerability Database (NVD) implemented by rust

    Language:Rust21140

  • antonioforte1995/VISE

    A search engine on information delivered by OSINT sources to support Vulnerability Assessment

    Language:Python18502

  • jgamblin/CISA_Enrichment

    CISA Known Exploited Vulnerabilities Catalog Enrichment

    Language:Jupyter Notebook18302

  • udaykor/vulnhub

    Search NVD locally

    Language:TypeScript14161

  • Yuning-J/NVDFeatureAnalysis

    Correlate NVD datasets wIth CWE/CAPEC/CVSS labels for customised usage. Plus static analysis and data visualisation.

    Language:Jupyter Notebook13105

  • r-net-tools/net.security

    Security R package with a set of utils to analyse the different industry standards (MITRE and NIST).

    Language:R126310

  • center-for-threat-informed-defense/cwe-calculator

    The CWE Calculator enables software development teams to score and prioritize discovered weaknesses empirically based on data in the National Vulnerability Database (NVD).

    Language:Python115203

  • Root-Cause-Mapping-Working-Group/RCM-WG

    This repository contains information related to the Root Cause Mapping Working Group and its activities. CVE Numbering Authority (CNA) representatives are invited to join and contribute to the working group's efforts.

    11906

  • criveraalvarez/IoT_CWE-CAPEC_Dataset

    IoT CWE Dataset

    8100

  • DrRamm/android-cve-checker

    Python tool to check your Android kernel for missing CVE patches.

    Language:Python8201