This tool will help you to find CVEs, exploits, or possible 0-Days for a specific technology.
- Install Python3 on your system
- Install required libraries using
pip3 install -r requirements.txt - Run VulnerabilitySearcher using
python3 vulnerabilitySearcher.py
This Python script serves as a comprehensive tool for searching and retrieving information about vulnerabilities associated with specific technology components and versions. It performs the following tasks:
Finding Common Platform Enumeration (CPE) Strings: Utilizes the National Vulnerability Database (NVD) API to search for CPE strings based on provided technology names and versions.
Querying Snyk Database: Queries the Snyk database to discover vulnerabilities associated with provided CVE IDs.
Searching for Exploits: Utilizes the searchsploit command-line tool to search for exploits related to provided CVE IDs.
Fetching CVE Details: Retrieves details of Common Vulnerabilities and Exposures (CVEs) associated with CPE strings from the NVD API.
Fetching GitHub URLs: Retrieves GitHub URLs containing public exploits or proofs of concept (POCs) related to CVEs.
Searching and Extracting Download Links: Searches Packet Storm Security for download links to possible exploits, irrespective of CPE string availability.
Searching Marc.Info: Searches Marc.Info for possible exploits linked to provided technology names and versions.
You can reach me via email at karim@mirak.me or visit my website www.mirak.me.