Detection Sources

We check whether a CVE can be detected by major open-source security tools.

OSV.dev (Open Source Vulnerabilities)

  • What it is: Google's aggregated vulnerability database for open-source packages
  • Coverage: npm, PyPI, Maven, Go, Rust, and other package ecosystems
  • Why it matters: If a CVE is in OSV, tools like Trivy, Grype, and OSV-Scanner can find it in your dependencies
  • Link: osv.dev

Nuclei Templates

  • What it is: Community-driven vulnerability scanner with 8,000+ detection templates
  • Coverage: Web application vulnerabilities, misconfigurations, exposed panels
  • Why it matters: Nuclei is widely used for security assessments and bug bounty hunting
  • Link: github.com/projectdiscovery/nuclei-templates

Sigma Rules

  • What it is: Generic signature format for SIEM systems
  • Coverage: Log-based detection for Windows, Linux, cloud, and application events
  • Why it matters: Sigma rules can be converted to Splunk, Elastic, Microsoft Sentinel, and other SIEM platforms
  • Link: github.com/SigmaHQ/sigma

Snort/Suricata Rules

  • What it is: Network intrusion detection system (IDS) rules
  • Coverage: Network traffic analysis, exploit detection, malicious payloads
  • Why it matters: Deployed at network perimeters to detect attacks in transit
  • Sources: Emerging Threats Open, c3rb3ru5d3d53c/signatures

YARA Rules

  • What it is: Pattern-matching rules for identifying and classifying malware samples and other files
  • Coverage: File-based detection, memory scanning, malware classification
  • Why it matters: Used by antivirus tools, EDR solutions, and incident responders
  • Link: github.com/Yara-Rules/rules

Semgrep Rules

  • What it is: Static analysis tool for finding bugs and security issues in code
  • Coverage: Source code patterns, vulnerable dependencies, insecure configurations
  • Why it matters: Catches vulnerabilities during development before deployment
  • Link: semgrep.dev/explore