Methodology and accompanying scripts to identify novel CVEs using information from existing CVEs. Based on the talk "Stalking Known Open Source Offenders for Novel CVEs" from BSidesCT and BSidesDayton.
Stalking Known Open Source Offenders for Novel CVEs This repository contains a methodology for finding novel vulnerabilities in open source projects that have CVEs that have already been discovered The talk was presented at BSidesCT and BSidesDayton in 2020 BSidesDayton (2020-11-21): wwwyoutubecom/watch?v=Eq59O381jj0 BSidesCT (2020-11-14): wwwyoutubecom/w