CSTOOL.io allows you to list vulnerabilities for the products that you are using. It highlights vulnerabilities that have known exploits or that are currently being discussed in the news. To do that, CSTOOL.io consists of a collection of services:
To access the individual projects and source code see the links below. To start using the service simply click on the button above.
You can search for vulnerabilities and create different inventories of hardware and software:
Compare vulnerabilities for a number of products in a selected time range. For instance, compare different browsers:
Find out which other products are affected by the combined vulnerabilities of one product.
If any vulnerabilities have known exploits or were mentioned in the news, these are highlighted in the summary.
CSTOOL.io correlates CVEs and cybersecurity news articles.
I.e. to search for the most up-to-date news (hot topics) that mention CVEs:
Request more / older articles:
See below for more API examples.
CSTOOL.io constantly monitors worldwide news and links the articles to mentioned vulnerabilities. Find out which vulnerabilities are currently being discussed or actively used in attacks.
Known exploits are highlighted and linked to so you can examine the exploit quickly.
All official details are listed for each CVE - with convenient links to CVSSjs.org to quickly deduce and understand the CVSS score for each vulnerability.
Copy lists of vulnerabilities and product summaries and paste them into another application, i.e. into a spreadsheet.
Receive curated personalized emails daily for each of your inventories with newly discovered vulnerabilities.
Get daily summaries of "hot topics" - vulnerabilities that are currently seeing coverage in the news.
If you want to save inventories or receive emails, you may sign up with email/password or use your existing Github or Google account.
Create your own lists of hardware and software products to get vulnerability summaries. CSTOOL.io will also monitor them for newly discovered vulnerabilities.
For each vulnerability, see a list of news articles that it was mentioned in. For each article, see which other CVEs were mentioned in the same article.
Adjust your email preferences and other settings when you have signed up with an account.
Search known vulnerabilities for software / hardware:
Run a search to list all vulnerabilities (and news) for the linux kernel from 2020-2022:
This is useful if you don't know the exact version(s) of software being used or if you want to compare the vulnerability situation of multiple products (i.e. Chrome vs. Firefox). Also check out the UI to do stuff like this. Just click on any of the nice blue buttons on this page to run the UI.
Search all published news articles about a specific CVE. For new CVEs this often delivers results even if no official details have been published yet:
Software has bugs. Bugs are bad. Bugs cause vulnerabilities. Attackers exploit these vulnerabilities to compromise your systems. Installing updates solves the problem - some of the time. Sometimes you cannot install an update because of existing software dependencies. Sometimes there is no update: zero-day vulnerabilities can exist for weeks until mitigation becomes possible. CSTOOL.io will help you to know which vulnerabilities are most relevant for you and decide what to do about them. This short video explains what CVEs are and how they help you to secure your systems. Watch the video or start a user-friendly interface right now: