Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Based on the scraped page content, the Pages site at deded.de is mainly a collection of vulnerability reproduction write-ups and PoC materials. Its categories include collection and k-poc, and the #Pocs tag contains around 1,320 entries. The articles cover systems such as Yonyou U8Cloud, Weaver ecology, Landray OA, Kingdee Apusic, Mingyuan Cloud ERP, and ZoneMinder. Most entries include the vulnerability name, an introduction, affected scope, cyberspace search syntax, and reproduction requests.
In terms of “protection type,” this is not a WAF, EDR, vulnerability scanner, or cloud security platform. It is closer to a vulnerability intelligence / PoC knowledge base. The content involves high-risk issues such as SQL injection, arbitrary file upload, arbitrary file read, JNDI injection, and remote command execution. The only apparent deployment model is web access; there is no visible SaaS console, on-premises component, or client application. Enterprise security product capabilities such as compliance certifications, management and alerting, asset linkage, reporting, and API integrations are not disclosed. As for integration capabilities, some articles provide FOFA query syntax that can help with asset discovery, but this does not amount to systematic integration.
The scraped content does not mention pricing, membership, subscriptions, payment methods, or commercial services, so the pricing model cannot be determined. The About page only shows “关于页面 This is my page,” and the site provides little background information. The author, maintenance team, content review process, and update mechanism are unclear. Accessibility from China cannot be confirmed from the text alone and should be verified through actual network testing.
The main advantage is the large number of vulnerability entries, with a focus on OA, ERP, SRM, and application server products commonly used by Chinese enterprises. This can be useful for security research, authorized penetration testing, and internal enterprise self-assessment. Some articles include affected versions, search syntax, and request examples, making it easier to quickly assess risk. The drawbacks are also clear: the content includes actionable payloads, which may create compliance risks if used without proper authorization. At the same time, the site does not provide protection, alerting, remediation workflows, or service support, and cannot replace a vulnerability management platform or security operations system.
It is better suited to security researchers, penetration testers, and enterprise security teams looking up vulnerability intelligence and learning reproduction techniques within an authorized scope. It is not suitable for organizations that want to purchase an automated protection, scanning, alerting, or compliance reporting system. It can be used alongside sources such as CNVD, CVE/NVD, Exploit-DB, Seebug, Vulhub, and PeiQi Wiki for cross-verification. In enterprise environments, priority should still be given to formal vulnerability scanners, WAFs, patch management, and security operations platforms.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on deded.de official site.
deded.de is an Germany Security provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach deded.de directly.