Tools

Software within the Vulnerability-Lookup project.

Sightings

Vulnerability-Lookup facilitates the recording of vulnerability sightings, regardless of whether they have been published by a source. A suite of sighting clients is already available to support this functionality:

ToolDescription
ShadowSightA client that retrieves vulnerability observations from the The Shadowserver Foundation and pushes them to a Vulnerability-Lookup instance.
FediVulnA client to gather vulnerability-related information from the Fediverse.
BlueSkySightA client to gather vulnerability-related information from Bluesky.
MISPSightA client that retrieves vulnerability observations from a MISP server and pushes them to a Vulnerability-Lookup instance.
NucleiVulnA client designed to retrieve vulnerability-related observations from the Nuclei Git repository of templates and pushes them to a Vulnerability-Lookup instance.
ExploitDBSightingA client that retrieves vulnerability observations from Exploit-DB and pushes them to a Vulnerability-Lookup instance.
KEVSightA client to generate sightings for Vulnerability-Lookup from the Known Exploited Vulnerabilities (KEV) catalog.
GistSightA client for gathering vulnerability-related information from GitHub Gists.

More information related to the sightings can be found in the user manual.

Libraries to access the Vulnerability-Lookup API

Software extending Vulnerability-Lookup

  • CPE Guesser - a command-line tool or web service designed to guess the CPE name based on one or more keywords.

Software using Vulnerability-Lookup