Share
## https://sploitus.com/exploit?id=41E14C3E-EF1F-5F60-B973-C44D1C69757C
![PayloadZero Logo](logo.png)

-------------------------------------------------------------------------------------------

# ๐Ÿšจ PayloadZer0 - KEV Threat Scanner

[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
[![Python 3.8+](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/)
[![Nuclei](https://img.shields.io/badge/Nuclei-Required-green.svg)](https://github.com/projectdiscovery/nuclei)

Automated threat intelligence scanner that monitors CISA's Known Exploited Vulnerabilities (KEV) catalog and scans your infrastructure for emerging threats using Nuclei templates.

## ๐ŸŽฏ What It Does

- **Continuous Monitoring**: Automatically checks CISA KEV catalog for new exploited CVEs
- **Smart Deduplication**: Only scans NEW vulnerabilities (no wasted resources)
- **Automated Scanning**: Finds and executes Nuclei templates for each CVE
- **Real-Time Alerts**: Microsoft Teams notifications for new CVEs and findings
- **Scalable**: Handles large target lists with rate limiting and parallelization
- **Comprehensive Logging**: Full audit trail of all scanning activity

Perfect for red teams, security operations, and vulnerability management programs.

## ๐Ÿš€ Quick Start

### Prerequisites

- Python 3.8+
- [Nuclei](https://github.com/projectdiscovery/nuclei) vulnerability scanner
- Go 1.19+ (to install Nuclei)

### Installation

```bash
# 1. Clone the repository
git clone https://github.com/ob1sec/PayloadZer0.git
cd kev-threat-scanner

# 2. Run automated setup
chmod +x setup.sh
./setup.sh

# 3. Create your targets file
cat > hosts.txt  1000 hosts)**
```bash
--rate-limit 100 --scan-timeout 20 --interval 7200
```

## ๐Ÿšข Production Deployment

### Systemd Service

```bash
# Install service
sudo cp kev-scanner.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable kev-scanner
sudo systemctl start kev-scanner

# Check status
sudo systemctl status kev-scanner
sudo journalctl -u kev-scanner -f
```

### Docker (Coming Soon)

```bash
docker build -t kev-scanner .
docker run -d \
  -e TEAMS_WEBHOOK_URL="https://..." \
  -v $(pwd)/hosts.txt:/app/hosts.txt \
  -v $(pwd)/results:/app/scan_results \
  kev-scanner
```

## ๐Ÿ”ง Troubleshooting

### Nuclei Not Found
```bash
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
export PATH=$PATH:$HOME/go/bin
```

### No Templates Found
```bash
nuclei -update-templates
```

### Teams Notifications Not Working
```bash
# Test webhook
curl -X POST "$TEAMS_WEBHOOK_URL" \
  -H "Content-Type: application/json" \
  -d '{"text":"Test message"}'
```

### High False Positives
```bash
# Increase timeout for slow targets
python3 payloadZer0.py -t hosts.txt --scan-timeout 20
```

## ๐Ÿ“š Documentation

- [Quick Start Guide](QUICKSTART.md)
- [Deployment Guide](DEPLOYMENT.md)
- [Contributing](CONTRIBUTING.md)
- [Security Policy](SECURITY.md)

## ๐Ÿค Contributing

Contributions are welcome! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.

Areas we'd love help with:
- Docker support
- Additional notification channels (Slack, Discord, Email)
- Web UI for results
- CI/CD improvements
- Documentation

## ๐Ÿ“„ License

This project is licensed under the MIT License - see [LICENSE](LICENSE) file for details.

## โš ๏ธ Legal Disclaimer

This tool is for authorized security testing only. Unauthorized access to computer systems may violate local, state, national, or international laws. Users are solely responsible for ensuring they have proper authorization before scanning any systems.

## ๐Ÿ™ Acknowledgments

- [ProjectDiscovery](https://github.com/projectdiscovery) for Nuclei
- [CISA](https://www.cisa.gov/) for the KEV catalog
- The security research community

## ๐Ÿ“ง Contact

- Issues: [GitHub Issues](https://github.com/ob1sec/PayloadZer0/issues)
- Security: See [SECURITY.md](SECURITY.md)

## โญ Star History

If you find this tool useful, please consider giving it a star!

---

**Built for the security community** ๐Ÿ›ก๏ธ