Share
## https://sploitus.com/exploit?id=2F9CCB5A-E75E-5DB9-B677-4B38B6EB0A12
# ๐Ÿ” Vulnerability Tracking & Remediation Tracker

A Python + SQLite vulnerability lifecycle manager โ€” from discovery to closure. Simulates a real security team's remediation workflow with CVSS scoring, SLA tracking, ownership, and a full audit trail.

## Quick Start

git clone https://github.com/kennysp19/vuln-tracker.git
cd vuln-tracker
python vuln_tracker.py

## Features

| Feature | Details |
|---|---|
| CVSS Scoring | Auto-maps scores to severity (Critical/High/Medium/Low) |
| SLA Tracking | Auto-calculates due dates by severity (Critical=7 days) |
| Lifecycle States | Open โ†’ In Progress โ†’ Patched โ†’ Closed |
| Audit Trail | Every change logged with actor, timestamp, and comment |
| Risk Acceptance | CISO-level off-ramp for accepted business risk |

## Vulnerability Lifecycle

- OPEN โ€” newly discovered, awaiting triage
- IN_PROGRESS โ€” remediation actively underway
- PATCHED โ€” fix applied, pending verification
- CLOSED โ€” verified and signed off
- RISK_ACCEPTED โ€” business decision to accept the risk

## Sample Vulnerabilities Included

- Log4Shell (CVE-2021-44228) โ€” CVSS 10.0
- EternalBlue (CVE-2017-0144) โ€” CVSS 9.8
- Exposed .env file with AWS credentials โ€” CVSS 9.1
- SQL Injection in user search endpoint โ€” CVSS 8.8
- Unencrypted PII in S3 bucket โ€” CVSS 8.2

## Planned Improvements

- Flask web dashboard for browser-based management
- CSV export for audit reporting
- Email notifications on SLA breach
- See also: [SIEM Log Monitor](https://github.com/kennysp19/siem-monitor)