specificationSoftware Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
cyclonedx-pythonCreates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
cdxgenCreates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI//CD pipeline with automatic submission to Dependency Track server.
scancode.ioScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
cyclonedx-dotnetCreates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
cyclonedx-cliCycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!