Share
## https://sploitus.com/exploit?id=2F9CCB5A-E75E-5DB9-B677-4B38B6EB0A12
# ๐ Vulnerability Tracking & Remediation Tracker
A Python + SQLite vulnerability lifecycle manager โ from discovery to closure. Simulates a real security team's remediation workflow with CVSS scoring, SLA tracking, ownership, and a full audit trail.
## Quick Start
git clone https://github.com/kennysp19/vuln-tracker.git
cd vuln-tracker
python vuln_tracker.py
## Features
| Feature | Details |
|---|---|
| CVSS Scoring | Auto-maps scores to severity (Critical/High/Medium/Low) |
| SLA Tracking | Auto-calculates due dates by severity (Critical=7 days) |
| Lifecycle States | Open โ In Progress โ Patched โ Closed |
| Audit Trail | Every change logged with actor, timestamp, and comment |
| Risk Acceptance | CISO-level off-ramp for accepted business risk |
## Vulnerability Lifecycle
- OPEN โ newly discovered, awaiting triage
- IN_PROGRESS โ remediation actively underway
- PATCHED โ fix applied, pending verification
- CLOSED โ verified and signed off
- RISK_ACCEPTED โ business decision to accept the risk
## Sample Vulnerabilities Included
- Log4Shell (CVE-2021-44228) โ CVSS 10.0
- EternalBlue (CVE-2017-0144) โ CVSS 9.8
- Exposed .env file with AWS credentials โ CVSS 9.1
- SQL Injection in user search endpoint โ CVSS 8.8
- Unencrypted PII in S3 bucket โ CVSS 8.2
## Planned Improvements
- Flask web dashboard for browser-based management
- CSV export for audit reporting
- Email notifications on SLA breach
- See also: [SIEM Log Monitor](https://github.com/kennysp19/siem-monitor)