Skip to content

The Internet Observatory (Obsrva) is a vulnerability research project founded by independent security researcher Tyler Butler. Obsrva engages product vendors in coordinated disclosures, publishes vulnerability advisories, and creates proof of concept exploits.

Notifications You must be signed in to change notification settings

obsrva/obsrva.org

Folders and files

NameName
Last commit message
Last commit date

Latest commit

4dd5144 · Oct 23, 2021
Sep 10, 2021
Oct 23, 2021
Sep 10, 2021
Oct 23, 2021
Mar 1, 2021
Oct 23, 2021
Sep 15, 2021
Sep 10, 2021
Oct 2, 2019
Jul 28, 2020
Apr 23, 2021
Feb 27, 2020
Aug 28, 2021
Aug 28, 2021
Sep 9, 2021
Oct 1, 2020
Sep 14, 2021
Jun 15, 2021
Jun 15, 2021
Apr 15, 2021

Repository files navigation

The Internet Observatory

Netlify Status

The Internet Observatory (Obsrva) is a vulnerability research project founded by independent security researcher Tyler Butler. Obsrva engages product vendors in coordinated disclosures, publishes vulnerability advisories, and creates proof of concept exploits.

Coordinated Disclosures

Obsrva engages vendors of hardware, software, and internet-based services in coordinated disclosures after the discovery of vulnerabilities effecting their products. Following industry standards, vendors are provided identification of the vulnerability, statements addressing impact, and mitigation recommendations.

Vulnerability Advisories

Obsrva coordinates with product vendors to publish vulnerability advisories on obsrva.org/advisories. Advisories allow customers, blue and red team operators, and the broader research community to access technical details and research methodology.

  1. CVE-2021-3441
  2. CVE-2021-35956

Proof of Concept Exploits

Obsrva develops proof of concept exploits for discovered vulnerabilities and publishes them on the exploit database (exploit-db.com). PoC’s can also be found on GitHub where PR’s are welcome for the community to collaborate.

  1. HP OfficeJet 4630/7110 MYM1FN2025AR - Stored Cross-Site Scripting (XSS)
  2. AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting (XSS)
  3. PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)
  4. PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection

Research Library

Obsrva maintains the iOT Research Library, a collection of iOT and embedded devices available for loan by independent security researchers. The library provides access to unique, EOL, or other devices no longer under active research by Obsrva.

Credit

Obsrva would like to thank the following for open source and public domain assets used on obsrva.org

  1. 18F: A Jekyll theme showcase used as a template for obsrva.org.

  2. @matthewhenry: matthewhenry is a videographer (vimeo.com/mtthwhnry) & photographer for Shopify located in Toronto, Canada whoose images are used on obsrva.org.

About

The Internet Observatory (Obsrva) is a vulnerability research project founded by independent security researcher Tyler Butler. Obsrva engages product vendors in coordinated disclosures, publishes vulnerability advisories, and creates proof of concept exploits.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published