Gather and update all available and newest CVEs with their PoC.

Finding potential software vulnerabilities from git commit messages

Find CVE PoCs on GitHub

Vulnerability Information Aggregator for CVEs

An ever-growing list of resources for data-driven vulnerability assessment and prioritization

Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.

IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.

Revisiting Graph Neural Networks for Vulnerability Detection (ICSE 2022) (Pytorch)

Automated privilege escalation of the world's most popular Docker images.

Reproduction package of the paper "DeepCVA: Automated Commit-level Vulnerability Assessment with Deep Multi-task Learning" in Automated Software Engineering (ASE) 2021

Threat modeling of an open-source VPN Client - OpenConnect using Microsoft Threat Modeling Tool

The compilation of demos and proof of concepts of vulnerability exploits of SSL/TLS protocol and related libraries

Reproduction package for the paper "A Large-scale Study of Security Vulnerability Support on Developer Q&A Websites" in the Evaluation and Assessment in Software Engineering (EASE) 2021

Security in the context of Software-Source code analysis, Buffer Overflow and Web Security