cwe
There are 69 repositories under cwe topic.
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
find-sec-bugs/find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
fkie-cad/cwe_checker
cwe_checker finds vulnerable patterns in binary executables
toolswatch/vFeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
KTZgraph/sarenka
OSINT tool - gets data from services like shodan, censys etc. in one app
Feysh-Group/corax-community
Corax for Java: A general static analysis framework for java code checking.
Vulnogram/Vulnogram
Vulnogram is a tool for creating and editing CVE information in CVE JSON format
Patrowl/PatrowlHearsData
Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
jeemok/better-npm-audit
The goal of this project is to provide additional features on top of the existing npm audit options
vfeedio/pyvfeed
Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions
ALFA-group/BRON
"Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyber Hunting" by Erik Hemberg, Jonathan Kelly, Michal Shlapentokh-Rothman, Bryn Reinstadler, Katherine Xu, Nick Rutar, Una-May O'Reilly
sickcodes/security
Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.
amberzovitis/GraphKer
Open Source Tool - Cybersecurity Graph Database in Neo4j
OWASP/cwe-tool
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
s2e-lab/SecurityEval
Repository for "SecurityEval Dataset: Mining Vulnerability Examples to Evaluate Machine Learning-Based Code Generation Techniques" published in MSR4P&S'22.
Galeax/CVE2CAPEC
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
usnistgov/vulntology
Development of the NIST vulnerability data ontology (Vulntology).
OWASP/cwe-sdk-javascript
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
hrbrmstr/cisa-known-exploited-vulns
Daily archiver & triage issue creator for new releases of CISA's Known Exploited Vulnerabilities list
tobyash86/WebGoat.NET
WebGoat.NETCore - port of original WebGoat.NET to .NET Core
ispras/juliet-dynamic
Juliet C/C++ Dynamic Test Suite
Hack23/sonar-cloudformation-plugin
Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov
Yuning-J/VulnerabilityClassifier
Severity scoring and exploit categorisation for vulnerability reports using machine-learning tools.
justakazh/CVE_Database
The Common Vulnerabilities Exposures (CVE) Database
antonioforte1995/VISE
A search engine on information delivered by OSINT sources to support Vulnerability Assessment
jgamblin/CISA_Enrichment
CISA Known Exploited Vulnerabilities Catalog Enrichment
emo-crab/scap-rs
National Vulnerability Database (NVD) implemented by rust
inspektre/vulnhub
Search NVD locally
r-net-tools/net.security
Security R package with a set of utils to analyse the different industry standards (MITRE and NIST).
center-for-threat-informed-defense/cwe-calculator
The CWE Calculator enables software development teams to score and prioritize discovered weaknesses empirically based on data in the National Vulnerability Database (NVD).
Yuning-J/NVDFeatureAnalysis
Correlate NVD datasets wIth CWE/CAPEC/CVSS labels for customised usage. Plus static analysis and data visualisation.
DrRamm/android-cve-checker
Python tool to check your Android kernel for missing CVE patches.
eric-therond/owasptocvss
A tool to calculate the CVSS score and the bounty amount of a vulnerability from its Owasp description
zaghaghi/neo4j-cve-scripts
Scripts for downloading and importing CVE json feeds into Neo4j
alejandrosaenz117/fetch-cwe-list
A simple Node.js module that fetches and parses the latest Common Weakness Enumeration (CWE) list
nthnle/nvd-feeds-collection
To collect and combine all JSON vulnerability feeds from NIST's National Vulnerability Database with matching Exploit Database ID