CERT Coordination Center (CERT/CC)'s repositories
CVE-2021-44228_scanner
Scanners for Jar files that may be vulnerable to CVE-2021-44228
PoC-Exploits
Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.
Vulnerability-Data-Archive
With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Vulnerability-Data-Archive-Tools
Tools for working with the CERT Vulnerability Data Archive. See also https://github.com/CERTCC/Vulnerability-Data-Archive
vulnerability_disclosure_policy_templates
A collection of templates for generating vulnerability disclosure policies. (NOTE: As of 2024, these templates are now part of the CERT Guide to Coordinated Vulnerability Disclosure, see link in README.)
CERT-Guide-to-CVD
Content for the CERT Guide to Coordinated Vulnerability Disclosure
Linux-Kernel-Analysis-Environment
Container-based environment for debugging and analyzing Linux kernels using QEMU and GDB
UEFI-Analysis-Resources
Documentation, examples, and other resources regarding analyzing EDK2 based UEFI firmware
exploitable
This is CERT/CC's fork of the 'exploitable' GDB plugin. We're maintaining this for historical purposes, but not currently actively participating in its development. Please submit issues or pull requests to the main (jfoote's) project.
git_vul_driller
Drills through git commit histories to find vulnerability IDs in change logs.
metasploit-framework
CERT/CC's fork of Metasploit Framework in which we are tagging commits that include vulnerability IDs. The first commit for an ID we recognize gets the tag for that ID. Aside from adding git tags, we do not otherwise modify the code. Updates hourly.
metasploit_json_parser
Parser for the JSON database included in metasploit-framework that emits a CSV file of modules keyed by vulnerability IDs and references. NOTE: Superseded by git_vul_driller linked below.
pharos-demangle
Demangles C++ symbol names genarated by Microsoft Visual C++ in order to retrieve the original C++ declarations. This is a "mirror"; please file tickets, bug reports, or pull requests at the upstream home in @cmu-sei: https://github.com/cmu-sei/pharos-demangle
Syzbot-Repro-Runner
Automatically build and run a custom kernel and crasher from a syzbot report