cyclonedx-dotnet
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Stars: ✭ 110 (-28.57%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, purl, package-url, sbom, cyclonedx, sbom-generator, obom, mbom, saasbom
cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (-33.12%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, purl, package-url, sbom, cyclonedx, sbom-generator, obom, mbom, saasbom
cyclonedx-php-composer
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-87.01%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, purl, package-url, sbom, cyclonedx, sbom-generator, obom, mbom, saasbom
cyclonedx-python
Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (-49.35%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, purl, package-url, sbom, cyclonedx, sbom-generator, obom, mbom, saasbom
specification
Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (-16.23%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, sbom, cyclonedx, obom, mbom, saasbom
cyclonedx-gomod
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-82.47%)
cyclonedx-node-module
Creates CycloneDX Software Bill of Materials (SBOM) from node-based projects
Stars: ✭ 104 (-32.47%)
scancode.io
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, Google Summer of Code, nexB and other generous sponsors!
Stars: ✭ 66 (-57.14%)
SBOM
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
Stars: ✭ 38 (-75.32%)
cdxgen
Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server.
Stars: ✭ 75 (-51.3%)
awesome-sbom
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
Stars: ✭ 164 (+6.49%)
dep-scan
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+124.68%)
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+718.83%)
packageurl-swift
Swift implementation of the package url spec
Stars: ✭ 21 (-86.36%)
OpossumUI
A light-weight app to audit and inventory large codebases for open source license compliance.
Stars: ✭ 32 (-79.22%)
KiCost
Build cost spreadsheet for a KiCad project.
Stars: ✭ 376 (+144.16%)
cas
Codenotary Community Attestation Service (CAS) for notarization and authentication of digital artifacts
Stars: ✭ 137 (-11.04%)
Asvs
A simple web app that helps developers understand the ASVS requirements.
Stars: ✭ 80 (-48.05%)
Bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+1286.36%)
Mobile Security Framework Mobsf
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+6531.17%)
Zaproxy
The OWASP ZAP core project
Stars: ✭ 9,078 (+5794.81%)
Zap Hud
The OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (+30.52%)
Owasp Cloud Security
OWASP Cloud Security - Enabling conversations through threat and control stories
Stars: ✭ 148 (-3.9%)
Threat Dragon
An open source, online threat modelling tool from OWASP
Stars: ✭ 57 (-62.99%)
Python Honeypot
OWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (+3.9%)
Themis
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Stars: ✭ 1,232 (+700%)
Wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+2414.94%)
Hacker ezines
A collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-53.25%)
Phpvuln
Audit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-5.19%)
Owasp Seraphimdroid
OWASP Seraphimdroid is an open source project with the aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.
Stars: ✭ 62 (-59.74%)
cwe-tool
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-74.03%)
Breachdetector
Detect root, emulation, debug mode and other security concerns in your Xamarin apps
Stars: ✭ 57 (-62.99%)
Astra
Automated Security Testing For REST APIs
Stars: ✭ 1,898 (+1132.47%)
Fdsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+29.22%)
Owaspheaders.core
A .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security
Stars: ✭ 138 (-10.39%)
Express Security
nodejs + express security and performance boilerplate.
Stars: ✭ 37 (-75.97%)
Nettacker
Automated Penetration Testing Framework
Stars: ✭ 982 (+537.66%)
Amass
In-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 1,693 (+999.35%)
Blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+475.97%)
license-ls
Get a list of licenses used by a project's dependencies
Stars: ✭ 17 (-88.96%)
Juice Shop Ctf
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (+54.55%)
Sbt Dependency Check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+21.43%)
Go Agent
Sqreen's Application Security Management for the Go language
Stars: ✭ 134 (-12.99%)
Owasp Orizon
Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Stars: ✭ 130 (-15.58%)
Dependency Track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+366.23%)
Joomscan
OWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+315.58%)
Apicheck
The DevSecOps toolset for REST APIs
Stars: ✭ 184 (+19.48%)
Django Defectdojo
DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
Stars: ✭ 1,926 (+1150.65%)
Opendoor
OWASP WEB Directory Scanner
Stars: ✭ 586 (+280.52%)
Amass
In-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+3980.52%)
Find Sec Bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+1035.06%)
Security Code Scan
Vulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+257.14%)