Skip to content

vaultekbilisim/myvuln

Repository files navigation

MyVuln public repository banner

CVE intelligence · URL analysis · Intel Feed · API v1 · Alerting · Reports

Languages: Deutsch | Español | English | Português (Brasil) | Türkçe | Français

English English welcome

MyVuln is the public-safe product hub for CVE intelligence, URL analysis, Intel Feed, API v1, alerting, reports, support, and security policy.

Start here: Public scope defines what belongs here.

Türkçe Türkçe karşılama

MyVuln'in public tarafta güvenle gösterebileceğim ürün vitrini. Canlı ürün, dokümantasyon, destek, güvenlik politikası ve public sınırlar burada durur; private kaynak kod, müşteri verisi ve operasyonel secret'lar burada yer almaz.

Buradan başla: Türkçe ürün özeti README.tr.md; public/private sınırı için PUBLIC_SCOPE.

Live product Docs README languages Public boundary Private source Security policy Support


Next.js React Supabase TypeScript


Türkçe Türkçe

MyVuln; güvenlik ekipleri, analistler ve operasyon tarafı için tasarlanmış çok kiracılı bir tehdit istihbaratı platformudur. CVE takibi, URL istihbaratı, Intel Feed, API entegrasyonları, uyarı akışları ve raporlama süreçlerini tek bir çalışma yüzeyinde toplar.

Canlı ürün: https://myvuln.io/

Canlı dokümantasyon: https://myvuln.io/docs

Bu repo kaynak kod deposu değildir. MyVuln'in public vitrin, destek, güvenlik politikası ve yayın notları yüzeyidir. Private kaynak kod, Supabase migration'ları, operasyon SQL'leri, iç güvenlik kayıtları, müşteri/tenant verileri ve secret içeren hiçbir dosya burada tutulmaz.

English English

MyVuln is a multi-tenant threat intelligence platform for security teams, analysts, and operational workflows. It brings CVE tracking, URL intelligence, Intel Feed review, API integrations, alerting, exports, and reporting into a single product surface.

Live product: https://myvuln.io/

Live documentation: https://myvuln.io/docs

This is not the source-code repository. This public repository is the safe product hub for MyVuln: overview, support, security policy, and public release notes. Source code, Supabase migrations, operational SQL, internal security records, customer/tenant data, and secrets stay private.


Start here · Hızlı geçiş

Need Start with Public-safe outcome
Understand the live product surface myvuln.io and myvuln.io/docs Product capabilities, operator workflows and integration boundaries are clear.
Review API integration scope Public API v1 summary External automation paths stay limited to the documented /api/v1/* contract.
Check what this public repo may contain Public scope Source code, operational SQL, tenant data and secrets remain out of the public tree.
Report a vulnerability safely Security policy Disclosure moves through the private channel instead of public issues.
Ask for support without leaking evidence Support policy Redacted, high-signal context replaces logs, tokens, tenant data or private screenshots.

Enterprise trust signals · Kurumsal güven sinyalleri

Signal What it means Boundary
Public/private split This repository is a safe trust surface, not the application source tree. Private source, migrations, tenant data, logs and secrets stay out.
Live-docs contract Current product behavior is anchored in the hosted docs, with this repo mirroring safe summaries. Stale local copies should not override the live product contract.
API v1 boundary Integrations are documented around a small external API surface. Undocumented internal routes are not public integration targets.
Coordinated disclosure Security reports use the private reporting path. Public issues must not include exploit detail, secrets or customer evidence.

Product snapshot · Ürün özeti

Threat intelligence workspace

CVE, URL, and signal review workflows for analyst triage and investigation tracking.

TR: CVE, URL ve sinyal inceleme süreçleri için analist odaklı çalışma alanı.

Intel Feed

Operational feed surface for signal review, enrichment, deduplication, and handoff.

TR: Sinyal inceleme, zenginleştirme, tekrar azaltma ve aksiyon aktarımı için operasyonel feed.

API v1 boundary

API-key protected integration surface for approved security automation and reporting flows.

TR: Onaylı otomasyon ve raporlama akışları için API-key korumalı entegrasyon yüzeyi.

Alerts and reports

SMTP, webhook, in-app alerts, exports, and report generation for security operations.

TR: SMTP, webhook, uygulama içi uyarı, export ve rapor üretimi.

Live docs reference · Canlı doküman referansı

The public product docs at myvuln.io/docs describe the current public surface for operators and integrators. This repository mirrors only safe, high-level summaries and links back to the live docs for the active product contract.

myvuln.io/docs üzerindeki canlı ürün dokümantasyonu operatör ve entegrasyon ekipleri için güncel public yüzeyi anlatır. Bu repo yalnızca güvenli, üst seviye özetleri tutar ve aktif ürün sözleşmesi için canlı dokümantasyona yönlendirir.

Public surface What it covers Türkçe
Intelligence workspace CVE dashboard, CVE database, IoC database, USOM intelligence, Intel Feed, Intelligence Terminal. CVE paneli, CVE veritabanı, IoC veritabanı, USOM istihbaratı, Intel Feed ve Intelligence Terminal.
Public API v1 CVE feed/search, URL feed/search, SIEM/webhook dispatch. CVE feed/search, URL feed/search ve SIEM/webhook aktarımı.
Operations World Threat Map, reports, analytics, system logs, SMTP and webhook alert routing. World Threat Map, raporlar, analitik, sistem logları, SMTP ve webhook uyarı akışı.
Administration Team management, role boundaries, API key lifecycle, account controls. Ekip yönetimi, rol sınırları, API key yaşam döngüsü ve hesap kontrolleri.

See also:

Operating model · Çalışma modeli

Area English Türkçe
Intelligence CVE and URL intelligence workflows for analyst teams. Analist ekipleri için CVE ve URL istihbaratı akışları.
Triage Review queues, status tracking, enrichment, and reporting handoff. İnceleme kuyrukları, durum takibi, zenginleştirme ve raporlama aktarımı.
Integrations API v1, alerting, webhook, SMTP, and export workflows. API v1, uyarı, webhook, SMTP ve export iş akışları.
Governance Private source, public-safe docs, coordinated vulnerability reporting. Private kaynak, public-safe dokümantasyon, koordineli zafiyet bildirimi.

Public API v1 · Public API v1

The external integration contract is limited to /api/v1/*. Public docs currently cover:

Method Endpoint Purpose
GET /api/v1/feed/cves Normalized CVE feed with filtering and pagination.
GET /api/v1/search/cves Analyst-oriented CVE search with relevance ordering.
GET /api/v1/feed/urls URL/domain indicator feed with deduplication controls.
GET /api/v1/search/urls URL/domain search for investigation workflows.
POST /api/v1/integrations/siem/dispatch Splunk, Sentinel, or generic webhook dispatch flow.

Authentication, limits, response headers, and response examples are documented in the live docs: myvuln.io/docs.

Technical posture · Teknik konum

Frontend

Next.js 16, React 19, TypeScript, dashboard-first interface design.

Backend

Supabase-backed private implementation with server-side boundaries.

Security

Tenant-aware design, API-key integration boundary, RBAC, private disclosure path.

MyVuln core technology icons

Public repository boundary · Public repo sınırı

Published here Private by design
Product overview and public positioning Application source code
TR/EN public documentation Environment files and credentials
Security disclosure policy Supabase schema, migrations, and operational SQL
Support and issue templates Internal threat models and hardening records
Non-sensitive release notes Production logs, screenshots, tenant data, customer data
Public-safety validation script API keys, signing keys, tokens, cookies

The private MyVuln development repository remains private. Public issues and pull requests must not contain source code, schema details, exploit steps, secrets, tenant/customer data, or production evidence.

MyVuln private kaynak reposu private kalır. Public issue veya pull request içinde kaynak kod, schema detayı, exploit adımı, secret, tenant/müşteri verisi veya production kanıtı paylaşılmaz.

Security and disclosure · Güvenlik bildirimi

Security reports must follow SECURITY.md. Do not publish vulnerability details in public issues.

Güvenlik bildirimleri SECURITY.md üzerinden ilerlemelidir. Zafiyet detayları public issue içinde paylaşılmamalıdır.

Repository map · Repo haritası

myvuln/
  README.md                         Public TR/EN product showcase
  SECURITY.md                       Coordinated vulnerability reporting policy
  SUPPORT.md                        Public-safe support guidance
  CHANGELOG.md                      Public-safe change log
  docs/
    API_V1.md                      Public API v1 summary linked to live docs
    CAPABILITIES.md                Public product capability map
    PUBLIC_SCOPE.md                 Public/private boundary rules
    SECURITY_AND_PRIVACY.md         High-level security and privacy posture
    RELEASE_NOTES.md                Public release-note template
  scripts/
    validate-public-repo.mjs        Leak-prevention guard for this public repo

Validation · Yayın öncesi kontrol

Run before every commit:

npm run validate

Recommended public release gate:

npm run validate
gitleaks detect --source . --redact --exit-code 1
git diff --cached --check

The validator blocks sensitive paths, environment files, private source directories, operational security records, binary-like files, and common secret patterns.

Public links · Bağlantılar

Destination Link
Live product myvuln.io
Live docs myvuln.io/docs
Public API v1 summary docs/API_V1.md
Capabilities docs/CAPABILITIES.md
Security policy SECURITY.md
Support policy SUPPORT.md
Public scope docs/PUBLIC_SCOPE.md
Security and privacy docs/SECURITY_AND_PRIVACY.md
Public release notes docs/RELEASE_NOTES.md

Private source. Public trust surface. Clear security boundaries.



MyVuln footer wave

About

Public-safe TR/EN product hub for MyVuln threat intelligence platform.

Topics

Resources

License

Security policy

Stars

9 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors