A client that extracts vulnerability-related observations from the Tsunami Security Scanner plugins
repository and publishes them as sightings on a Vulnerability-Lookup instance.
Each committed Tsunami detector is a compiled, executable proof-of-concept for
a specific vulnerability. TsunamiSight emits one sighting per (plugin, CVE)
pair with the default type published-proof-of-concept.
- Related task: Topics at hackathon.lu – hackathon.lu - The Open Source Security Software Hackathon
- GitHub issue: can we do a sighting tool for tsunami as well? · Issue #340 · vulnerability-lookup/vulnerability-lookup · GitHub
- Source code: GitHub - vulnerability-lookup/TsunamiSight: Vulnerability-Lookup sighting client for Google's Tsunami Security Scanner plugin repository. · GitHub
- Pypi: Client Challenge