-
moningstar security enhanced google search for vulnerabilities, pretty interesting
-
cloudvulndb sponsored by wiz
-
lunatrace <- we are trying to make this one better!
- socket.dev search for packages and packages can have vulns
- epss shows you a score for exploitability of a CVE
- exploit db find POC exploits for vulnerabilities
- CISA known exploited find known exploited vulnerabilities
There are a lot of pages to search for vulnerabilities, but they all kind of work the same. There are few options that people can use to zero in on having an answer to the basic question "which vulnerabilities do I care about?". This is naturally a hard question because everyone has a different view of what they "care about".
The data is out there to help people answer this question, but it is not being surfaced in the vulnerability search tools built today. The dimensions of data that help shape what someone cares about are what are needed to be surfaced to help people discover what they came looking for, vulnerabilities that matter.
- package ecosystem
- package popularity
- weakness type (RCE, XSS, etc.)
- POC available?
- sort by age of CVE
- download count - as a security person it tells me how much I should give a fuck about the package.
- is there an existing exploit?
- is this used in popular projects (other packages depend on it, github projects?)
- what weaknesses is this vuln? (RCE or bust)
- references are sorted, human vs corporate vs auto-gened
- what PRs were made to fix it -> enriched view of this data?
- percentage of downloads that are vulnerable (based on collected version download count data)
- how is this library normally used/called?
- POC of how the vulnerability can be exploited -> should be present for vulnerabilities we find to be the most impactful
- Deep link url (for search and pages)
- Generate image with metadata (share on social media or chat)