cyclonedx-php-composer
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-81.82%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, purl, package-url, sbom, cyclonedx, sbom-generator, obom, mbom, saasbom
cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (-6.36%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, purl, package-url, sbom, cyclonedx, sbom-generator, obom, mbom, saasbom
cyclonedx-python
Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (-29.09%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, purl, package-url, sbom, cyclonedx, sbom-generator, obom, mbom, saasbom
cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Stars: ✭ 154 (+40%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, purl, package-url, sbom, cyclonedx, sbom-generator, obom, mbom, saasbom
specification
Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (+17.27%)
Mutual labels: owasp, bom, vex, spdx, bill-of-materials, software-bill-of-materials, sbom, cyclonedx, obom, mbom, saasbom
cyclonedx-gomod
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-75.45%)
cyclonedx-node-module
Creates CycloneDX Software Bill of Materials (SBOM) from node-based projects
Stars: ✭ 104 (-5.45%)
scancode.io
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, Google Summer of Code, nexB and other generous sponsors!
Stars: ✭ 66 (-40%)
SBOM
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
Stars: ✭ 38 (-65.45%)
cdxgen
Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server.
Stars: ✭ 75 (-31.82%)
dep-scan
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+214.55%)
awesome-sbom
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
Stars: ✭ 164 (+49.09%)
packageurl-swift
Swift implementation of the package url spec
Stars: ✭ 21 (-80.91%)
KiCost
Build cost spreadsheet for a KiCad project.
Stars: ✭ 376 (+241.82%)
OpossumUI
A light-weight app to audit and inventory large codebases for open source license compliance.
Stars: ✭ 32 (-70.91%)
cas
Codenotary Community Attestation Service (CAS) for notarization and authentication of digital artifacts
Stars: ✭ 137 (+24.55%)
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+1046.36%)
Owtf
Offensive Web Testing Framework (OWTF) is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Stars: ✭ 1,516 (+1278.18%)
Csrf Protector Php
CSRF Protector library: standalone library for CSRF mitigation
Stars: ✭ 178 (+61.82%)
Themis
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Stars: ✭ 1,232 (+1020%)
Insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on an agile and easy to implement software inside your DevOps pipeline. Supports the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+96.36%)
Python Honeypot
OWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (+45.45%)
Hacker ezines
A collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-34.55%)
Owasp Seraphimdroid
OWASP Seraphimdroid is an open source project with the aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.
Stars: ✭ 62 (-43.64%)
Pwning Juice Shop
GitBook markdown content for the eBook "Pwning OWASP Juice Shop"
Stars: ✭ 110 (+0%)
Securetea Project
The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
Stars: ✭ 181 (+64.55%)
Juice Shop Ctf
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (+116.36%)
Asvs
A simple web app that helps developers understand the ASVS requirements.
Stars: ✭ 80 (-27.27%)
Zap Cli
A simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (+50.91%)
Mobile Security Framework Mobsf
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+9183.64%)
Phpvuln
Audit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (+32.73%)
Breachdetector
Detect root, emulation, debug mode and other security concerns in your Xamarin apps
Stars: ✭ 57 (-48.18%)
Zaproxy
The OWASP ZAP core project
Stars: ✭ 9,078 (+8152.73%)
Bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+1840.91%)
Securecodingdojo
The Secure Coding Dojo is a platform for delivering secure coding training.
Stars: ✭ 216 (+96.36%)
Threat Dragon
An open source, online threat modelling tool from OWASP
Stars: ✭ 57 (-48.18%)
Owasp Cloud Security
OWASP Cloud Security - Enabling conversations through threat and control stories
Stars: ✭ 148 (+34.55%)
Express Security
nodejs + express security and performance boilerplate.
Stars: ✭ 37 (-66.36%)
Slides
The repo contains all the slide decks that were used during my presentations at various webinars, conferences, and meetups.
Stars: ✭ 56 (-49.09%)
license-ls
Get a list of licenses used by a project's dependencies
Stars: ✭ 17 (-84.55%)
Wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+3420.91%)
Astra
Automated Security Testing For REST APIs
Stars: ✭ 1,898 (+1625.45%)
Nettacker
Automated Penetration Testing Framework
Stars: ✭ 982 (+792.73%)
Blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+706.36%)
Owaspheaders.core
A .NET Core middleware for injecting the OWASP recommended HTTP Headers for increased security
Stars: ✭ 138 (+25.45%)
Zap Hud
The OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (+82.73%)
Amass
In-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 1,693 (+1439.09%)
Dependency Track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+552.73%)
Go Agent
Sqreen's Application Security Management for the Go language
Stars: ✭ 134 (+21.82%)
Joomscan
OWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+481.82%)
Opendoor
OWASP WEB Directory Scanner
Stars: ✭ 586 (+432.73%)
headers
An application to catch, search and analyze HTTP secure headers.
Stars: ✭ 59 (-46.36%)