Security is Everyone's Job
Exploits are programs or code that take advantage of vulnerabilities in software or systems to perform malicious actions, such as executing arbitrary code, escalating privileges, or causing denial of service.
Malware is software or code that is designed to harm or compromise devices, networks, or data, such as viruses, worms, Trojans, ransomware, or spyware.
Databases are used to store this information so that security professionals can find ways to defend against these exploits.
Exploit Database:This is a database that contains exploits, shellcode, and papers for various platforms and applications. It is maintained by Offensive Security, the creators of Kali Linux and the Metasploit Framework. It also provides a search engine and a web interface for browsing and downloading the exploits.
VulDB:This is a database that contains vulnerabilities, exploits, and references for various software and hardware products. It is updated daily with new entries and scores them based on their severity and exploitability. It also provides a search engine and an API for accessing the da
Rapid7 Vulnerability & Exploit Database:This is a database that contains vulnerabilities, exploits, and modules for the Metasploit Framework, a popular tool for penetration testing and security research. It is maintained by Rapid7, the developers of the Metasploit Framework. It also provides a search engine and a web interface for browsing and downloading the modules.
0day.today:This is a database that contains zero-day exploits, which are exploits for unknown or unpatched vulnerabilities. It also sells private exploits for a fee. It is accessible via the Tor network, which provides anonymity and privacy for its users and operators. It also provides a search engine and a web interface for browsing and buying the exploits.
Malware bazaar DB:Malware bazaar DB is a project from abuse.ch that collects and shares malware samples with the infosec community, AV vendors, and threat intelligence providers. It allows users to upload, search, and download malware samples, as well as access an API for integrating the data into their own tools.
ID Ransomware:ID Ransomware is a free website that helps victims identify what ransomware may have encrypted their files. It supports over 1,000 different ransomware families and provides information on whether they are decryptable or not, and how to contact the ransomware authors or get help from experts.
Scammer Info:Scammer.info is a website that allows users to share and expose the phone numbers and websites of scammers who try to trick people into giving them money or personal information. Users can also report scam calls, texts, or emails, and get advice on how to deal with them. Scammer.info also has a forum where users can discuss various topics related to scams and frauds, such as scam baiting, scam prevention, and scam awareness.
CIS Security Benchmarks:CIS Security Benchmark is a set of secure configuration recommendations for hardening specific technologies in an organization’s environment. They are developed by the CIS Benchmarks Communities, which consist of cybersecurity experts from around the world. They cover various platforms, such as operating systems, cloud providers, network devices, and applications.
CVE DB:CVE is an acronym for Common Vulnerabilities and Exposures, which is a list of publicly disclosed cybersecurity vulnerabilities. Each vulnerability is assigned a unique CVE ID number and a brief description. The CVE list is maintained by the MITRE Corporation, a nonprofit organization that runs federal government-sponsored research and development centers
snyk security tools:Snyk’s database is a comprehensive list of known security vulnerabilities that affect open source code, dependencies, containers, and infrastructure as code. Snyk’s database is powered by Snyk’s industry-leading security intelligence and DeepCode AI, which combine multiple sources of data, such as public and private vulnerability databases, security advisories, code analysis, and machine learning, to provide accurate and actionable information and remediation guidance for vulnerabilities. Snyk’s database is updated daily with new entries and scores them based on their severity and exploitability.