153 Open source projects that are alternatives of or similar to cyclonedx-gomod

CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.

Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects

Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects

Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis

A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles

Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data

creates CycloneDX Software Bill of Materials (SBOM) from node-based projects

Build cost spreadsheet for a KiCad project.

Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI//CD pipeline with automatic submission to Dependency Track server.

Codenotary Community Attestation Service (CAS) for notarization and authentication of digital artifacts

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment

Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

This repository for training application security.

A light-weight app to audit and inventory large codebases for open source license compliance.

Framework for Testing WAFs (FTW!)

The OWASP Vulnerable Web Applications Directory (VWAD) Project - OWASP Web Site

A vanity URL generator for your Go packages.

微信公众号开发API封装

Deploy, update, and stage your WAFs while managing them centrally via FMS.

🎁 a wrapper around all package managers

A rain radar card using the new tiled images from the Australian BOM

Owasp Zap chart for Kubernetes

bWAPP latest modified for PHP7

This is the official main repository for the Assimilation project

A reimplementation of lsbom

This is the Azure Kubernetes Service (AKS) baseline cluster for regulated workloads reference implementation as produced by the Microsoft Azure Architecture Center.

Houdini Tools

A RobotC Library for Vex Robotics

Docker + go modules in go1.11

Demo - how to easily build security testing for Web App, using Zap and Glue

KiCad automation utility

Vegetation Generation Tool for Houdini

Docker repository for OWTF (64-bit Kali)

Catalogue all images of a Kubernetes cluster to multiple targets with Syft

Custom Animated Weather Card for any weather provider

DOOM port for the Vex V5 Robot Brain

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens

houdini hda tools focused on procedural modeling environments

Complete Documentation For JavaScript Bootcamp Course By Osama Elzero.

Documentation for Essential Node.js Security

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

Detection of the BOM and removing as necessary

The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.

前端课程学习笔记汇总

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

POC about usage of JSON Web Tokens (JWT) in a secure way.

OWASP ZAP addon for finding vulnerabilities in JWT Implementations

No description or website provided.

KiCad to PartKeepr BOM Tool with Octopart integration

Software Component Verification Standard (SCVS)

Pentester's Tools Parser (PTP) provides an unified way to retrieve the information from all (final goal) automated pentesting tools and assign an automated ranking for each finding.

Test your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻

A place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)

A web application that contains several unit tests for the purpose of .NET security