Hi trickest,

Some may use the uppercase of Proof and Concept

(?i)[^a-z0-9]+([Pp]o[Cc]|[Pp]roof of [Cc]oncept|[Pp]roof[-_]of[-_][Cc]oncept)[^a-z0-9]+

such as the "Exploit Proof of Concept" in this page

Thanks,
dingisoul

Epic description

Create workflow for gathering all available POCs for CVEs from different informational sources.

Epic specification link

CVEs - notion product doc

Issues in this epic:

• trickest/find-gh-poc#13
• https://github.com/trickest/machinery/issues/88

Since fuff is not completely accurate because of different HTTP responses for each execution, anew should give us only new results which we should update and previous ones should stay.

This could be done by getting the previous references.txt directly from the repository

Vulnerable product: Cisco BroadWorks
Author: Eslam Akl (@eslam3kll)

CVE-2021–34785: IDOR lead to privileges escalation “Admin account takeover”
CVE-2021-34786: IDOR lead to delete arbitrary admin user accounts

POC: https://eslam3kl.medium.com/cisco-broadworks-vulnerabilities-cve-2021-34785-cve-2021-34786-91ee2be5a200

Hey! I think you can add a lot of PoCs from https://securitylab.github.com/advisories/

Hi, I'm the author of CVE-2006-1242. If you're interested in a PoC, check out my original Bugtraq report here, since CVE references are outdated:
https://seclists.org/bugtraq/2006/Mar/258

The affected product is the Linux kernel 2.4.x and 2.6.x before 2.6.16.

Describe the bug
Stored XSS caused by remote malicious content.

To Reproduce
According to the rules of regular matching, remotely construct malicious vulnerability description content, insert XSS payload into it, such as: <script>alert(1)</script> or payload that steals cookies.

Screenshots

Affected Version
Lastest.

CVE-2019-1579

Record : cve/2019/CVE-2019-12761.md

The PoC is the first mentioned reference : https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba
But no PoC was found.

Note that the actual PoC (the first reference) has the keywords "Proof-of-Concept" mentioned in the Gist's description.

We should create blacklists for github repositories that are known not to be reliable sources.

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

You should add some topics to get your repo better referenced. The following list provides some trendy topics I found via https://github.com/topics while browsing other related projects where you could settle your project in the top.

• poc
• cve
• cve-poc
• latest-cve
• vulnerability
• vulnerabilities
• software-vulnerabilities
• exploit
• security
• infosec
• hacking
• pentesting
• penetration-testing
• red-team
• security-tools

hi, as i can see 2023 cves md files are empty , this even cause a problem while trying running python script related to summary_html

md present without a poc at https://github.com/trickest/cve/blob/main/2024/CVE-2024-21672.md

Please update

https://github.com/mermaid-js/mermaid

POC for CVE-2023-25135: https://github.com/ambionics/vbulletin-exploits

Hello, May I ask whether the CVE files listed in the warehouse are all with POC?

poc

Hi, I'm the author of CVE-2019-2832.

This is a relevant reference:
https://github.com/0xdea/raptor_infiltrate19

PoCs are available here:
https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_sparc.c
https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_sparc2.c
https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_sparc3.c
https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintname_intel.c
https://github.com/0xdea/raptor_infiltrate19/blob/master/exploits/bas/aix_ppc_dtprintinfo.c
https://github.com/0xdea/raptor_infiltrate19/blob/master/exploits/bas/sol_sparc_dtp.c
https://github.com/0xdea/raptor_infiltrate19/blob/master/exploits/dave/dtprintinfo27.tar
https://github.com/0xdea/raptor_infiltrate19/blob/master/exploits/dave/dtprintinfo28.tar
https://github.com/0xdea/raptor_infiltrate19/blob/master/exploits/dave/nonexecdtprintinfo27.tar
https://github.com/0xdea/raptor_infiltrate19/blob/master/exploits/dave/nonexecdtprintinfo28.tar
https://github.com/0xdea/raptor_infiltrate19/blob/master/exploits/dave/nonexecdtprintinfo28v12.tar.Z

Hi. I am using another project, which uses trickest / cve to display possible PoC Code for found CVEs.
While using this, I came across lots of links to repositories, which only contains the descriptions of the CVEs or just list the CVEs without any PoC code.

e.g. https://github.com/facebookincubator/nvdtools

Can they be added to the blacklist? I can either list the ones I found here or do a pull request for adding them to the blacklist if you are interested.

Good afternoon, I would like to share the recent exploit I created and would like it to be incorporated into this repository: https://github.com/david-botelho-mariano/exploit-CVE-2024-25723

Record : cve/2019/CVE-2019-12760.md

The PoC is the first mentioned reference : https://gist.github.com/dhondta/f71ae7e5c4234f8edfd2f12503a5dcc7
But the PoC found is : https://github.com/kaashmonee/rM2FS

The PoC found only mentions the vulnerability but is actually NOT the proof-of-concept. Note that the actual PoC (the first reference) has the keywords "Proof-of-Concept" mentioned in the Gist's description.

Along with the references.txt we should add github.txt which will contain all of the GitHub repositories, for further examination by workflow

Consider adapting your regex to something case-insensitive like the following :

(?i)[^a-z0-9]+(poc|proof of concept|proof-of-concept)[^a-z0-9]+

I've already seen some examples of PoC's not caught for CVE's that are well in your repo, therefore resulting in "No GitHub POC found".

We should appreciate all the authors that contribute POCs on Github in separate file ❤️

I reckon it could be useful for people to know what is being exploited, I tried to make this easily accessible here:
https://github.com/gmatuz/inthewilddb
maybe there is also some PoCs you can take from it. All data is Apache 2.0
If you find some PoC you miss, reach out glad to share the collection code too

As per https://twitter.com/_prbh/status/1492173398763618317 suggestion, thanks!

Please do add the truncated data

@trickest Thank you very much for quoting my project in your repo, for some reason I can't make other modifications, but for learning purposes, you can visit fahai.org for scripts

https://www.fahai.org/index.php/archives/146/

I could not find the code behind this workflow. Can you point me to it? Thanks!