CVE / Vulnerability OSINT Tools

OSINT tools that take cve / vulnerability as input. Below are the 32 tools in our catalogue that take cve / vulnerability as input, indexed by what they return so you can chain them together.

32tools

Browse with filters

GreyNoise

Internet scanner reputation intelligence

Burp Suite icon

Burp Suite

a commercial web security testing platform for proxying, scanning, and analyz

CVE Details icon

CVE Details

a searchable vulnerability database for CVEs, vendors, products, versions, an

Can I Take Over XYZ icon

Can I Take Over XYZ

a community-maintained reference for identifying services vulnerable to subdo

Exploit-DB icon

Exploit-DB

a public exploit archive maintained by Offensive Security for vulnerability r

Findsploit icon

Findsploit

Aggregated exploit search by service banner

Greenbone Community Edition icon

Greenbone Community Edition

an open-source vulnerability scanning stack for identifying known issues acro

GreyNoise Visualizer icon

GreyNoise Visualizer

GreyNoise scan-trend visualisation

Grype

a vulnerability scanner for container images, filesystems, and software bills

Interactsh icon

Interactsh

an out-of-band interaction server used to verify blind vulnerabilities and ca

Jaeles

a signature-based web application scanner for detecting security issues and e

Metasploit Framework icon

Metasploit Framework

Penetration testing and exploit framework

NVD

the U.S. National Vulnerability Database for CVEs, CPEs, CVSS scores, and ref

Nikto

a web server scanner for dangerous files, outdated software, and common misco

Nuclei

a template-based vulnerability scanner used to detect misconfigurations and e

Nuclei Templates icon

Nuclei Templates

a community template library used by Nuclei to identify vulnerabilities and m

OSV-Scanner icon

OSV-Scanner

a vulnerability scanner that checks dependencies against the Open Source Vuln

OWASP ZAP

an open-source web application security scanner and intercepting proxy for au

Packet Storm Security icon

Packet Storm Security

a long-running archive of exploits, advisories, tools, and security research

Qualys SSL Labs icon

Qualys SSL Labs

a web service for analyzing public TLS configuration and certificate deployme

Retire.js

a JavaScript dependency scanner that identifies vulnerable client-side librar

SSLyze

a Python scanner that analyzes SSL and TLS services for protocol and certific

Snyk

a developer security platform for scanning dependencies, containers, code, an

Subjack

a subdomain takeover scanner that checks dangling DNS records against known s

Syft

an SBOM generation tool for cataloging packages in containers, filesystems, a

Trivy

a security scanner for containers, dependencies, IaC, secrets, licenses, and

VulnCheck

a vulnerability intelligence platform focused on exploitability, weaponizatio

Vulners

a vulnerability intelligence database and API for CVEs, exploits, advisories,

WPScan

a WordPress security scanner for vulnerable plugins, themes, users, and confi

XSStrike

an XSS detection suite that analyzes parameters and application responses for

sqlmap

an automated SQL injection and database takeover testing tool for authorized

testssl.sh icon

testssl.sh

a command-line scanner for testing TLS and SSL configuration weaknesses

Find specific data from cve / vulnerability

IOC (Indicator of Compromise)30 Report / Summary30

Investigate by other data types

Email Address Phone Number Username Real Name IP Address Domain Name Cryptocurrency Wallet Image / Photo URL Hash (MD5/SHA)Company Name Malware Sample