vFeed Framework is a CVE, CWE and OVAL Compatible naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML/JSON schema. It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other standards and security references.
The vFeed Database regarding our Consultancy / Integrator plans has been updated and now available for download. Check the new changes.
The Metabrik Platform is a Rapid Development of Reusable Security Tools that binds together a classic shell with a Perl interpreter as a REPL (Read-Eval-Print-Loop) and a ton of small Briks. Briks are reusable components each performing a specific task. You chain Briks together using Perl variables, they are used to pass output of a […]
FruityWifi is an open source tool to audit wireless networks. It allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it. With the version 2.0, the author added a new module to support the capabilities of vulnerability search through vFeed Database.
An independant developer has release a Shiny App is for searching and visualizing vFeed fully aggregated, cross-linked and standardized Vulnerability CVE Database that contains detective and preventive security information repository used for gathering vulnerability and mitigation data on the internet.
The folks at Sec4U (not affiliated with vFeed IO) has released a very beautiful web interface for vFeed Community Vulnerability Database. The interface allows search by products and by CVE.
The spanish company S2 Grupo has publish an article showing how they leverage the power of vFeed database correlation to empower their SIEM solution. The article shed light on a neat way to enrich vulnerability and IDS solution with the appropriate correspondence of information such as Nessus plugins, Snort and Suricata SIDs.
This interesting paper from Lancaster Research Center shed light on a methodology to create a vulnerability scanner for Industrial Control Systems . The authors leveraged the power of vFeed database correlation, amongst other free utilities, to release a tool called SimaticScan to scan Siemens PLCs vulnerabilities.
Russ McRee runs the Blue Team for Microsoft’s Windows and Devices Group (WDG). He writes the monthly column toolsmith. Russ has spoken infosec events such Defcon, Black Hat, RSA,and FIRST and has published in the likes of Information Security, Linux Magazine, (IN)SECURE, and SysAdmin.
During Splunk Worldwide Users’ Conference .Conf2015, Craig Merchant (Senior Security Architect at Oracle) presented a very interesting talk about how to explore the capabilities of free tools and make the most of them using Splunk.