In the wild
We believe the ability to react within hours to vulnerabilities that are being exploited is the foundation of all vulnerability management.
We are not saying you should not patch the rest; quite the contrary, we believe the real solution is automatic updates. That said, the reality is that most of you do scan and triage vulnerabilities.
If you do that and your process is not able to identify actively exploited vulnerabilities and remediate them within hours, it matters very little what your mean time to remediation is. You are not capturing most of the value.
There is an explosion of vulnerability scanning tools, research into vulnerabilities (resulting in the number of CVEs skyrocketing) and awesome threat intelligence work. One can have unprecedented insight into vulnerability information. We do think, though, that this possibly made the problem harder, because in your first steps most of this data will be noise.
Add to this that there is no one source to look at to get information about exploitation in the wild. The status changes quickly and sources are scattered. Unless you are willing to pay for a high-quality threat intel feed or vulnerability scanner, the coverage is quite spotty.
We are here to change that!
If you want to know the latest on vulnerabilities being exploited, subscribe to our RSS, follow us on Twitter, check it out via the API, use our Docker image or go low level and query it from our database exports.
If you are a security researcher and notice something new getting exploited in the wild, please let us know. Hopefully this will help amplify your voice, and we are happy to do our part in that. We made this super easy for you: you already publish your research on Twitter or LinkedIn, just @inthewildio and we will add your report. You can also use our API if you never leave your terminal!
If you are building a vulnerability scanning solution, you can take the hourly database export and provide your customers with up-to-date information about exploitation. Well, that, and consider sponsoring this project!
Want to get involved?
Provide us with exploitation information!
To avoid crying wolf, we verify the submissions. Volunteer to triage submissions; we need more hands, especially in timezones outside CET (Europe)!
Send us PRs to make it easier for people to use our data!
Be a sponsor, or just buy us a coffee if this makes your life easier.
Thanks to all who are publishing exploitation information
We also collect information regarding available exploits. It is not as essential as exploitation, but it is still a simple-to-capture piece of binary information about CVEs that should guide your triage. Pretty much the last one. The rest really depends on your context and the context of the vulnerability.
Even though there are a number of open source sources here (Metasploit, Exploitdb, ...), there is no unified place and a bunch of them are not easily searchable.
We are here to change that!
We collect exploits from a number of sources, so if you are triaging CVEs or just looking for something for your pentest, check the reports on our site, query it in the CLI or go crazy with our database exports.
If you want to help, we ask you to notify us on Twitter, LinkedIn or via the API if you are publishing something new or if there is something we missed! We are collecting exploit information too!
Exploit information is also available via our CLI and database exports.