wphash-vuln-data
opencve
wphash-vuln-data | opencve | |
---|---|---|
1 | 21 | |
7 | 1,630 | |
- | 2.3% | |
2.6 | 4.1 | |
over 1 year ago | about 7 hours ago | |
Python | Python | |
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wphash-vuln-data
-
WPHash - Fingerprinting WordPress Plugins, now in public beta and open to feedback and collaboration
Public vulnerability information regarding WordPress plugins is open to anyone who would like to use it, The data lives under https://github.com/cydave/wphash-vuln-data.
opencve
- Auth0 increases price by 300%
- how to stay up to date with new CVEs?
- Where do you get your information regarding new vulnerabilities and security risks?
-
PaperCut MF/NG vulnerability
Don't like someone else running it? No problem, it's open source and you can run it yourself https://github.com/opencve/opencve
-
Tracking vulnerabilities that your company is effected by.
I use https://www.opencve.io you can make a account and then subscribe to different products and/or vendors to get automated updates via mail if there are new vulnerabilities that affect these products
-
Getting informed about exploits / CVEs
www.opencve.io and filter on your vendors and hw models.
- CVE sources
-
CVE Vulnerability Tracking
Check out OpenCVE, I find it as an excellent tool.
-
zero-day exploit notifications
https://www.opencve.io/ - Site that allows you to be emailed of new CVEs by subscribing to different products and vendors.
-
CVE Search
https://www.opencve.io/ is something to use as well.
What are some alternatives?
Wpushell - Wpushell is a tool used to upload a backdoor shell to a site that uses a WordPress Content Management System with a simple and fast process.
grype - A vulnerability scanner for container images and filesystems
dagda - a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
vulnix - Vulnerability (CVE) scanner for Nix/NixOS.
pip-rating - Check the health of your project's requirements and get a score for each dependency.
vulnmine - Vulnmine searches for vulnerable hosts using MS SCCM host / software inventory data with NIST NVD Vulnerability feed data.
CVE-2021-37740 - PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4.
openvas-scanner - This repository contains the scanner component for Greenbone Community Edition.
DependencyCheck - OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
vulnerablecode - A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
faraday - Open Source Vulnerability Management Platform
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.