CERT Coordination Center (CERT/CC) (CERTCC)

CERT Coordination Center (CERT/CC)

CERTCC

Geek Repo

The CERT Coordination Center is part of Carnegie Mellon University's Software Engineering Institute.

Location:Pittsburgh, PA

Home Page:https://vuls.cert.org

Twitter:@certcc

Github PK Tool:Github PK Tool

CERT Coordination Center (CERT/CC)'s repositories

CVE-2021-44228_scanner

Scanners for Jar files that may be vulnerable to CVE-2021-44228

Language:PowerShellLicense:BSD-2-ClauseStargazers:346Issues:35Issues:35

certfuzz

This project contains the source code for the CERT Basic Fuzzing Framework (BFF) and the CERT Failure Observation Engine (FOE).

Language:PythonLicense:NOASSERTIONStargazers:260Issues:25Issues:31

keyfinder

A tool for finding and analyzing private (and public) key files, including support for Android APK files.

kaiju

CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is the primary, canonical repository for this project -- file bug reports and wishes here!

Language:JavaLicense:NOASSERTIONStargazers:251Issues:10Issues:32

tapioca

CERT Tapioca for MITM network analysis

Language:PythonLicense:NOASSERTIONStargazers:180Issues:10Issues:1

PoC-Exploits

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.

Language:PythonLicense:BSD-3-ClauseStargazers:177Issues:21Issues:4

SSVC

Stakeholder-Specific Vulnerability Categorization

Language:PythonLicense:NOASSERTIONStargazers:102Issues:13Issues:263

labyrinth

Come inside, and have a nice cup of tea.

privesc

Process Monitor filter for finding privilege escalation vulnerabilities on Windows

SBOM

Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data

Language:JavaScriptLicense:MITStargazers:54Issues:12Issues:16

VINCE

VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.

Language:PythonLicense:NOASSERTIONStargazers:48Issues:17Issues:60

cveClient

A client and library to cve-services 2.x to provide CVE management for CNA and CERTs

Language:JavaScriptLicense:NOASSERTIONStargazers:16Issues:4Issues:13

vulnerability_disclosure_policy_templates

A collection of templates for generating vulnerability disclosure policies.

License:MITStargazers:10Issues:9Issues:0

cvelist

Pilot program for CVE submission through GitHub

Vultron

Vultron is a protocol for Coordinated Vulnerability Disclosure

Language:PythonLicense:NOASSERTIONStargazers:6Issues:4Issues:4

CERT-Guide-to-CVD

Issues-only tracker for suggested changes to the CERT Guide to Coordinated Vulnerability Disclosure

Stargazers:5Issues:0Issues:0

Linux-Kernel-Analysis-Environment

Container-based environment for debugging and analyzing Linux kernels using QEMU and GDB

Language:ShellLicense:MITStargazers:4Issues:3Issues:0

pharos

Automated static analysis tools for binary programs. This is a "mirror"; please file tickets, bug reports, or pull requests at the upstream home in @cmu-sei: https://github.com/cmu-sei/pharos

Language:C++License:NOASSERTIONStargazers:4Issues:1Issues:0

UEFI-Analysis-Resources

Documentation, examples, and other resources regarding analyzing EDK2 based UEFI firmware

Language:PHPLicense:MITStargazers:4Issues:3Issues:0

exploitable

This is CERT/CC's fork of the 'exploitable' GDB plugin. We're maintaining this for historical purposes, but not currently actively participating in its development. Please submit issues or pull requests to the main (jfoote's) project.

Language:PythonLicense:NOASSERTIONStargazers:3Issues:1Issues:0

exploitdb

CERT/CC's fork of the official Exploit Database repository in which we are tagging commits that include vulnerability IDs. The first commit for an ID we recognize gets the tag for that ID. Aside from adding git tags, we do not otherwise modify the code. Updates hourly.

Language:CLicense:GPL-2.0Stargazers:3Issues:2Issues:0

git_vul_driller

Drills through git commit histories to find vulnerability IDs in change logs.

Language:Jupyter NotebookLicense:MITStargazers:3Issues:2Issues:0

metasploit-framework

CERT/CC's fork of Metasploit Framework in which we are tagging commits that include vulnerability IDs. The first commit for an ID we recognize gets the tag for that ID. Aside from adding git tags, we do not otherwise modify the code. Updates hourly.

Language:RubyLicense:NOASSERTIONStargazers:2Issues:1Issues:0

metasploit_json_parser

Parser for the JSON database included in metasploit-framework that emits a CSV file of modules keyed by vulnerability IDs and references.

Language:PythonLicense:MITStargazers:2Issues:3Issues:0

0days-in-the-wild

Repository for information about 0-days exploited in-the-wild.

Language:HTMLLicense:Apache-2.0Stargazers:1Issues:0Issues:0

autocats

AUTOCATS is the automated code analysis testing suite, used by projects like CERT Kaiju.

Language:C++Stargazers:1Issues:1Issues:0

Syzbot-Repro-Runner

Automatically build and run a custom kernel and crasher from a syzbot report

Language:PythonLicense:MITStargazers:1Issues:4Issues:0
Language:ShellLicense:CC0-1.0Stargazers:0Issues:0Issues:0

cvd

Coordinated Vulnerability Disclosure

Language:JavaScriptLicense:NOASSERTIONStargazers:0Issues:4Issues:0

cve-services

This repo contains the source for the CVE Services API.

Language:JavaScriptLicense:CC0-1.0Stargazers:0Issues:0Issues:0