cve-search alternatives

Looking for an alternative tool to replace cve-search? During the review of cve-search we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. OpenVAS (vulnerability scanner)
  2. ThreatPinch Lookup (OSINT tool)
  3. vFeed (vulnerability database and query engine)

These tools are ranked as the best alternatives to cve-search.

Alternatives (by score)

97

OpenVAS

Introduction

OpenVAS is an open source vulnerability scanner that emerged from when Nessus became closed source in October of 2005.

Project details

OpenVAS is written in C.

Strengths and weaknesses

  • + The source code of this software is available
  • + Well-known tool

    Typical usage

    • Penetration testing
    • Security assessment
    • Vulnerability scanning

    OpenVAS review

    60

    ThreatPinch Lookup

    Introduction

    ThreatPinch helps to speed up collecting information from common resources like CVE databases or public WHOIS data. As it works from the browser, it is a helpful addition for people who have to perform forensics, security monitoring, or system administration. For example, getting the owner of a domain and IP address becomes almost instant knowledge.

    Project details

    ThreatPinch Lookup is written in JavaScript.

    Strengths and weaknesses

    • + Many integration possibilities available
    • - Unknown project license

    Typical usage

    • Information gathering
    • Threat hunting

    ThreatPinch Lookup review

    78

    vFeed

    Introduction

    vFeed consists of a database and utilities to store vulnerability data. It uses third-party references and data, which then can be used to see if a software component has a known vulnerability. The data itself is enriched by cross-checking it and store additional details about the vulnerabilities.

    The vFeed tooling has an API available with JSON output. It can be used by security researchers and practitioners to validate vulnerabilities and retrieve all available details.

    Project details

    vFeed is written in Python.

    Strengths and weaknesses

    • + Commercial support available
    • + The source code of this software is available

      Typical usage

      • Security assessment
      • Vulnerability scanning

      vFeed review

      60

      vulnix

      Introduction

      Tools like vulnix help with the detection of known weaknesses in packages by leveraging external resources. It can be used as an additional security layer on top of software patch management.

      Project details

      vulnix is written in Python.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Vulnerability scanning

        vulnix review

        Some relevant tool missing as an alternative to cve-search? Please contact us with your suggestion.