# cve **Repository Path**: bdtl/cve ## Basic Information - **Project Name**: cve - **Description**: No description available - **Primary Language**: Unknown - **License**: MIT - **Default Branch**: main - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2023-11-18 - **Last Updated**: 2023-11-18 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README

CVE PoC Tweet

Almost every publicly available CVE PoC.

## Current hottest CVEs | Title | URL | | ----------- | ----------- | | CVE-2022-0001 | [/trickest/cve/blob/main/2022/CVE-2022-0001.md](https://github.com/trickest/cve/blob/main/2022/CVE-2022-0001.md) | | CVE-2022-25297 | [/trickest/cve/blob/main/2022/CVE-2022-25297.md](https://github.com/trickest/cve/blob/main/2022/CVE-2022-25297.md) | | CVE-2022-1388 | [/trickest/cve/blob/main/2022/CVE-2022-1388.md](https://github.com/trickest/cve/blob/main/2022/CVE-2022-1388.md) | | CVE-2022-25451 | [/trickest/cve/blob/main/2022/CVE-2022-25451.md](https://github.com/trickest/cve/blob/main/2022/CVE-2022-25451.md) | To see the complete history go [here](hot_cves.csv) [](https://trickest.io/auth/register) ## How it works ### [Trickest](https://trickest.com) Workflow Architecture ![Trickest Workflow - PoC](workflow.png "Trickest Workflow - PoC") ### TB; DZ (Too big; didn't zoom): - Collect CVE details from [cvelist](https://github.com/CVEProject/cvelist) (Shout out to [CVE Project](https://github.com/CVEProject)!) - Split CVEs up by year. - Find PoCs for each CVE using 2 techniques: 1. References - Gather each CVE's `References`. - Check if any of them points to a PoC using [ffuf](https://github.com/ffuf/ffuf) and a list of keywords Regex: ```(?i)[^a-z0-9]+(poc|proof of concept|proof[-_]of[-_]concept)[^a-z0-9]+``` (Thanks [@joohoi](https://github.com/joohoi)!) **Note**: [ffuf](https://github.com/ffuf/ffuf) is awesome for more purposes than just content discovery. Get CVE referenced in HackerOne Reports - [AllVideoPocsFromHackerOne](https://github.com/zeroc00I/AllVideoPocsFromHackerOne) (Thanks [@zeroc00I](https://github.com/zeroc00I)!) 2. Github Search GitHub for repositories with [find-gh-poc](https://github.com/trickest/find-gh-poc) that mention the CVE ID. - Merge the fresh results into the repository without overwriting the data that was committed manually. - Filter false positives using `blacklist.txt`. - Merge all of the found PoCs. - Generate GitHub badges for each affected software version using [shields.io](https://shields.io). - Write everything into easy-to-read markdown files. > **As described, almost everything in this repository is generated automatically. We carefully designed the workflow (and continue to develop it) to ensure the results are as accurate as possible.** ## Use cases - Browse around, find a nice PoC, and test away! - `Watch` the repository to receive notifications about new PoCs as soon as they go public. - Search for a specific product(s) (and possibly version) to find all public exploits related to it. - Monitor the [atom feed](https://github.com/trickest/cve/commits/main.atom) for a specific product(s). - Create a searchable HTML table using the template and script in [summary_html](summary_html) - Example: https://www.andrewmohawk.com/cve_summary (Thanks [@AndrewMohawk](https://github.com/AndrewMohawk)!) ## Contribution All contribtutions/ideas/suggestions are welcome! Create a new ticket via [GitHub issues](https://github.com/trickest/cve/issues) or tweet at us [@trick3st](https://twitter.com/trick3st). ## Build your own workflows We believe in the value of tinkering; cookie-cutter solutions rarely cut it. Sign up for a [Trickest](https://trickest.com) demo to customize this workflow to your use case, get access to many more workflows, or build your own workflows from scratch! [](https://trickest.io/auth/register)