Open Sinderella opened 7 years ago
ngkogkos
commented
7 years ago From my understanding: http://cve-search.org/software/#public-web-api-of-cve-search
If we use the cve-search API, then we can probably get all the results in the above CVE vendors, so it would be cool to run a module for that first, then judge which ones to scrape I guess? Or maybe the API even provides all the required info.
Sinderella
commented
7 years ago @ngkogkos anything we could use to improve our tool here?
ngkogkos
commented
7 years ago @Sinderella that blog post is not bad, there are some sources in there that we dont have in our sources. One day he may update it to refer ephe :)
Lets have a look into it again in the future.
ngkogkos
commented
7 years ago Probably a very future idea would be harvesting social media as well, mostly Twitter I guess, for any exploit or CVE references 💃
ngkogkos
commented
7 years ago From your blog post @Sinderella have you checked http://iedb.ir/search.php? Looks very script-kiddish but again maybe there will be something there not elsewhere? Highly doubt it though but looks like we could add one more searcher for it quite easily. (inb4 it goes down immediately after we implement it)
source: https://github.com/enaqx/awesome-pentest#vulnerability-databases
Just a suggestion, create an issue for each of them and someone should pick it up.