Skip to content

vedant44-cyber/0-Day_Radar

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.gitignore
.gitignore
 
 
0-Day Radar.ipynb
0-Day Radar.ipynb
 
 
README.md
README.md
 
 
data_set.py
data_set.py
 
 
nvd_data.csv
nvd_data.csv
 
 

Repository files navigation

0-Day Radar

Tagline: "Predicting the next hack, not just reporting the last one."

0-Day Radar is a predictive threat intelligence platform built to shift vulnerability management from reactive patching to proactive defense. By triangulating data from three authoritative sources, it identifies which vulnerabilities are most likely to be exploited and what you should focus on today.

The Core Concept: The Risk Triangle

Our unique advantage comes from combining three distinct datasets:

  1. NVD (NIST) - The Dictionary: Provides CVE metadata, base CVSS severity scores, and descriptions.
  2. CISA KEV - The Evidence: Tracks Known Exploited Vulnerabilities—active attacks happening in the wild right now.
  3. EPSS (First.org) - The Oracle: Uses machine learning to calculate a probability (0-100%) of a vulnerability being exploited in the next 30 days.

By using this triangulated approach, we move beyond basic severity metrics and focus on exploitation probability + confirmed attacks.

Application Features

The application is structured into three main views:

  • Executive Dashboard (Zero-click status report):

    • Panic Meter: Highlights critical CVEs with an EPSS score > 50%.
    • KPI Metrics: Active KEV count, high EPSS vulnerabilities, and critical totals.
    • Kill List: Top 5 most dangerous current CVEs.
    • Velocity Trend: 30-day timeline of exploitation growth.

  • Threat Hunter (Interactive analyst view):

    • Vendor Filter: Dynamic filtering for visualization drilling.
    • Risk Matrix: Scatter plot showing Vulnerability Age vs. EPSS score.
    • Vendor Shame: Identifies which technology vendors introduce the most risk to your environment.

  • AI Risk Analyst (The wildcard):

    • CISO Translator: Converts technical CVE details to business-language executive briefings.
    • Confidence Scoring: Provides an actionable 60-100% confidence score based on KEV status and EPSS prediction.

Tech Stack & Architecture

  • Data Ingestion: Python & Pandas for real-time and scheduled API ingestion.
  • Data Processing: DuckDB (SQL) integration for fast, localized querying.
  • Analytics Environment: Hex (Python, SQL, Interactive Jinja Markdown).
  • APIs Used: NVD / NIST Services, CISA KEV Catalog, EPSS (First.org).

Built for the Hex Hackathon | Ready to deploy as an enterprise threat intelligence platform

About

app.hex.tech/virtual-hackathon/app/0-Day-Radar-0328PydsDCPOJcUR52v88M/latest

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages