cyclonedx-maven-plugin: Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (+221.88%)
cyclonedx-python: Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (+143.75%)
cyclonedx-php-composer: Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-37.5%)
scancode.io: ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by the NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, Google Summer of Code, nexB and other generous sponsors!
Stars: ✭ 66 (+106.25%)
cyclonedx-dotnet: Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Stars: ✭ 110 (+243.75%)
cyclonedx-cli: CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Stars: ✭ 154 (+381.25%)
license-ls: Get a list of licenses used by a project's dependencies
Stars: ✭ 17 (-46.87%)
specification: Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (+303.13%)
Sharing-creates-value: This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles
Stars: ✭ 66 (+106.25%)
dtrack-audit: OWASP Dependency Track API client for integration into CI/CD pipeline
Stars: ✭ 30 (-6.25%)
awesome-sbom: A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
Stars: ✭ 164 (+412.5%)
cyclonedx-node-module: creates CycloneDX Software Bill of Materials (SBOM) from node-based projects
Stars: ✭ 104 (+225%)
lunasec: LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+3840.63%)
RHEL8-STIG: Ansible role for Red Hat 8 STIG Baseline
Stars: ✭ 73 (+128.13%)
vulndb-data-mirror: A simple Java command-line utility to mirror the entire contents of VulnDB.
Stars: ✭ 36 (+12.5%)
PowerSponse: PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
Stars: ✭ 35 (+9.38%)
licensor: write licenses to stdout
Stars: ✭ 138 (+331.25%)
tools-python: A Python library to parse, validate and create SPDX documents.
Stars: ✭ 65 (+103.13%)
Dependencycheck: OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Stars: ✭ 3,571 (+11059.38%)
Retire.js: scanner detecting the use of JavaScript libraries with known vulnerabilities
Stars: ✭ 2,909 (+8990.63%)
dependency-check-py: 🔐 Shim to easily install OWASP dependency-check-cli into Python projects
Stars: ✭ 44 (+37.5%)
dependency-track-maven-plugin: Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
Stars: ✭ 28 (-12.5%)
cyclonedx-gomod: Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-15.62%)