Indices

Vulnerability Intelligence

Comprehensive vulnerability data aggregated from multiple sources, enriched with VulnCheck's analysis and metadata.

Indices

Anchore NVD Data Overrides

Anchore NVD Data Overrides is an index of data overrides for the NVD dataset curated by Anchore that provides additional data that might be missing from NVD.

Browse the anchore-nvd-override index

CANVAS Exploit Packs

CANVAS Exploit Packs developed by Gleg are powerful tools used in penetration testing and vulnerability assessment. These exploit packs provide a comprehensive range of exploits and attack vectors to assess the security of computer systems and applications.

Browse the canvas index

CISA Known Exploited Vulnerabilities

The CISA Known Exploit Vulnerabilities catalog contains a list of exploited vulnerabilities known to CISA.

Browse the cisa-kev index

Common Weakness Enumeration Database

The MITRE Common Weakness Enumeration (CWE) is a community-developed list of common software security weaknesses. The CWE is maintained by the MITRE Corporation, a not-for-profit organization that operates federally funded research and development centers (FFRDCs) sponsored by the U.S. government. The CWE is a valuable resource for software developers, security professionals, and other stakeholders in the software industry. It provides a standardized way to identify and describe common software security weaknesses, which helps to improve the security of software systems and applications.

Browse the cwe index

Emerging Threats Snort

Proofpoint's Emerging Threats Snort Rules are snort rules that can be used to monitor network traffic for malicious activity.

Browse the emerging-threats-snort index

EPSS Data

The Exploit Prediction Scoring System (EPSS) is a data-driven effort for estimating the probability that a software vulnerability will be exploited in the wild.

Browse the epss index

The Exploit Database

The Exploit Database (ExploitDB) is an archive of public exploits curated by OffSec.

Browse the exploitdb index

Gitee Exploits

| Exploits hosted on Gitee

Browse the gitee-exploits index

GitHub Exploits

| Exploits hosted on GitHub

Browse the github-exploits index

GitLab Exploits

| Exploits hosted on GitLab

Browse the gitlab-exploits index

Project Zero In the Wild Exploits

Project Zero's In the Wild Exploits exploits list are curated by Google's Project Zero team and tracks zero day exploits found in the wild.

Browse the google-0day-itw index

GreyNoise Metadata

GreyNoise Metadata Advisories are a type of security advisory that provides information about metadata associated with various IP addresses, domains, and other internet-connected devices.

Browse the greynoise-metadata index

Huawei IPS Vulnerabilities

Huawei IPS Vulnerabilities are official notifications released by Huawei to address security vulnerabilities caught by Huawei's Intrusion Prevention System. These vulnerability notifications provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.

Browse the huawei-ips index

Metasploit Modules

Metasploit Modules is a list of modules that can be utilized via the metasploit framework for pentesting.

Browse the metasploit index

MISP Threat Actors

MISP Threat Actors is an open source list of known threat actors for the MISP (Malware Information Sharing Program) Open Source Threat Intelligence Sharing Platform.

Browse the misp-threat-actors index

SAINT Exploits

SAINT Exploits exploits list are advisories and contain vulnerability details that are curated by the SAINT Corporation.

Browse the saint index

Shadowserver Foundation Vulnerabilities

Shadowserver foundation vulnerabilities contain attack statistics. Vulnerabilities are ranked according to the frequency with which exploitation attempts are made against honeypots.

Browse the shadowserver-exploited index

Sigma Rules

Sigma Rules is a collection of rules where detection engineers, threat hunters and all defensive security practitioners collaborate on detection rules for SIEM systems.

Browse the sigma-rules index

VapidLabs Vulnerabilities

VapidLabs Vulnerabilities are advisories and contain vulnerability details along with exploits that are curated by Larry Cashdollar.

Browse the vapidlabs index

CISA Vulnrichment

The CISA Vulnrichment project is the public repository of CISA's enrichment of public CVE records through CISA's ADP (Authorized Data Publisher) container. In this phase of the project, CISA is assessing new and recent CVEs and adding key SSVC decision points. Once scored, some higher-risk CVEs will also receive enrichment of CWE, CVSS, and CPE data points, where possible.

Browse the vulnrichment index