Open-source tools built by SecPod Labs.
No Licenses. No Trials. No Registrations.
$ vex-studio --package [email protected]
Generating SBOM · scanning CVEs...
✓ SBOM generated ⚠ CVE-2021-23337 found
CWE-94: Is vulnerable path reachable? → No
✓ Status: not_affected
✓ OpenVEX saved: vex-output.json
$ patchadvisor --cve CVE-2024-3094
Fetching CVE data from NVD...
✓ CVE-2024-3094 · CVSS 10.0 CRITICAL
XZ Utils backdoor (liblzma)
Affected: Ubuntu 22.04, Debian 12
Fix: apt-get install --only-upgrade xz-utils
$ dnsarmor --domain example.com
Running full DNS security audit...
✓ DNSSEC ✓ SPF ✓ DMARC
⚠ DKIM selector missing
⚠ Zone transfer not restricted
$_
VEX Authoring Tool for OSS Maintainers
An open-source guided VEX authoring tool for OSS maintainers. VEX Studio generates SBOMs, scans packages for CVEs, and uses CWE-guided exploitability questions to determine whether a vulnerability is reachable in the package context. It maps maintainer answers to VEX status values and justification codes, then produces auditable OpenVEX output ready for downstream use — helping reduce false-positive vulnerability alerts by turning exploitability analysis into a structured, publishable VEX document.
CVE Remediation Advisor for Linux Platforms
Look up any CVE and instantly get vendor-confirmed fix commands for your exact Linux distribution. PatchAdvisor queries authoritative sources and surfaces the right apt, yum, or apk remediation command, no manual searching, no guesswork.
Complete DNS Security Audit Tool
A comprehensive, open-source DNS security auditing tool that covers the full attack surface of DNS in a single run. Checks DNSSEC, SPF, DKIM, DMARC, zone transfer exposure, subdomain takeover risk, wildcard records, etc. giving your team a complete picture of DNS security posture instantly.
Stay informed on the latest range of free tools from Secpod labs
