CVE Seeker - Unveiling Cyber Threats: From Assets to Vulnerability Insights

A comprehensive tool for passive asset scanning, identifying associated CVEs, and finding publicly available proof-of-concept (POC) exploits on GitHub.

Features

• The whole script uses the passive method to identify CVE via Shodan's free API.
• Resolves domains to IPs.
• Identifies open ports for each IP.
• Fetches CVEs for each IP.
• Retrieves POCs for identified CVEs (Supports Github currently).
• Reverse CVE to POC Lookup
• Enhanced report generation with search functionality and detailed insights.

Installation

1. Clone the repository:

   git clone https://github.com/anmolksachan/CVESeeker && cd CVESeeker  

2. Install the required libraries:

   pip3 install -r requirements.txt

3. Ensure you have colorama installed for colorful terminal output:

   pip install colorama

4. One line installer:

   git clone https://github.com/anmolksachan/CVESeeker && cd CVESeeker && pip3 install -r requirements.txt && echo "We are ready to seek sailor! " && python3 cveSeeker.py

Usage

$ python3 cveSeeker.py --file <input_file> --project <project_name>
--file:             Input file containing domains / IPs (one per line).
--project:          Project name for storing results.
-cve CVE-ID         CVE ID for fetching POCs

Example

Passive Scanner : Asset -> CVE -> POC Lookup

CVE Reverse POC Lookup

Watch Full Demo Here

Watch Here!

License

This project is licensed - see the LICENSE file for details.

Note

Feel free to enhance, modify, or contribute to this script to suit your needs and explore more security-related projects!

Want to support my work?

Give me a Star in the repository or follow me @FR13ND0x7F , that's enough for me :P

Contact

Shoot my DM : @FR13ND0x7F

Coded with ❤️ by Anmol K Sachan (@FR13ND0x7F)