Open Tools

Tools I Build

Security tools built for practitioners — free to use, open where possible, built from what I actually need while doing the work.

VulnDigest

vulndigest.sochub.io

CVE tracking with real-time exploitability signals. Search and monitor vulnerabilities with intelligence from NVD, CISA KEV, and EPSS — built to cut through noise and surface what actually matters.

CVE Search

Search and filter the full CVE database. Find specific vulnerabilities fast without wading through raw NVD feeds.

Exploitability Signals

Real-time data from CISA KEV (actively exploited) and EPSS (probability scoring) — context that CVSS scores alone don't give you.

API Access

Pull vulnerability data programmatically. Integrate VulnDigest into your own tooling, pipelines, or dashboards.

Data Sources
NVD CISA KEV EPSS
Follow @sochub_ar on Telegram

SIRAS

github.com/Stuxend/siras

Security Incident Response Automated Simulations. An open-source Python framework for simulating realistic attack scenarios — test your detection coverage and validate IR readiness before a real attacker does it for you.

Attack Simulation

Simulate compromised credentials, privilege escalation, LOTL techniques, and insecure workload configurations aligned with MITRE ATT&CK.

Detection Validation

Verify that your SIEM alerts fire correctly, reach the right channels, and that analysts have the context to respond.

Open Source

Python-based, open source, and actively developed. Contributions welcome.

Python MITRE ATT&CK Open Source Incident Response
Feedback & Ideas

Found a Bug? Have a Feature Idea?

Both tools are actively developed. If you're using them and have feedback, questions, or want to contribute — reach out directly.

Email santi@sochub.io
GitHub Stuxend
Telegram @sochub_ar
Stay Updated

Get Updates on New Tools

Subscribe to the newsletter for new articles, tool updates, and security research.

Subscribe Free