cve-search

LSE toolsLSE toolscve-search (256)cve-search (256)

Tool and Usage

Project details
LicenseBSD 3-clause
Programming languagePython
AuthorWim Remes
Latest release2.1 []

Project health

70
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

The primary objective of this software is to avoid doing direct lookups into public CVE databases. This reduces leaking sensitive queries and improves performance.

How it works

cve-search has a back-end to store vulnerabilities and related information. It comes with a web interface to search and manage vulnerabilities. Additionally, it has several tools to query the system and a web API interface.

Usage and audience

cve-search is commonly used for password strength testing, security assessment, vulnerability management, or vulnerability scanning. Target users for this tool are pentesters, security professionals, and system administrators.

Features

  • Application programming interface (API) available
  • Command line interface
  • Tool allows multiple integrations
  • Web interface

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 10 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Author and Maintainers

Cve-search was created by Wim Remes. Currently the project is managed by Alexandre Dulaunoy, Pieter-Jan Moreels.

Installation

Supported operating systems

Cve-search is known to work on Linux.

Dependencies

Several dependencies are required to use cve-search.

  • click
  • Flask
  • flask-login
  • flask-pymongo
  • irc
  • itsdangerous
  • jinja2
  • lxml
  • passlib
  • pymongo
  • python-dateutil
  • pytz
  • Redis
  • requests
  • six
  • sleekxmpp
  • tornado
  • Werkzeug
  • whoosh
  • xlrd

cve-search alternatives

Similar tools to cve-search:

97

OpenVAS

OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.

60

ThreatPinch Lookup

ThreatPinch is a Chrome extension to perform information lookups on data artifacts like domain names, hashes, IP addresses, and more.

85

vFeed

vFeed is a set of tools around correlated vulnerability and threat intelligence. It provides a database, API, and supporting tools to store vulnerability data.

All cve-search alternatives

Found an improvement? Help the community by submitting an update.

Related tool information

Compare cve-search with other tools