Alternatives and similar repositories for vuln-list

Users that are interested in vuln-list are comparing it to the libraries listed below

• google / oss-fuzz-vulns
  OSS-Fuzz vulnerabilities for OSV.
  ☆154Updated this week
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆65Updated 2 months ago
• GeekMasher / security-codeql
  CodeQL Security Queries
  ☆26Updated this week
• IQTLabs / AuraBorealisApp
  Do You Know What's In Your Python Packages? A Tool for Visualizing Python Package Registry Security Audit Data
  ☆19Updated 2 years ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆118Updated 2 weeks ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆93Updated last year
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆65Updated last week
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆75Updated 2 weeks ago
• cve-search / CveXplore
  CveXplore
  ☆39Updated last month
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆142Updated last year
• lyvd / bandit4mal
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆25Updated 2 years ago
• Vulnogram / Vulnogram
  Vulnogram is a tool for creating and editing CVE information in CVE JSON format
  ☆185Updated last week
• purs3lab / Argus
  ☆43Updated 10 months ago
• KarimPwnz / sourcegraph-scripts
  Scripts for Sourcegraph search results. Useful for static analysis <3
  ☆27Updated last year
• nccgroup / RFC-Security-Research
  Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In…
  ☆19Updated 4 years ago
• fabric8-analytics / cvedb
  CVE database
  ☆22Updated 4 years ago
• facebook / sapp
  Post Processor for Facebook Static Analysis Tools.
  ☆140Updated this week
• GitHubSecurityLab / gh-mrva
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆58Updated last month
• ForAllSecure / mayhem-examples
  Mayhem example templates for programming languages and fuzzers that you love!
  ☆30Updated last year
• h4sh5 / pypi-auto-scanner
  Automatically scan new pypi packages for potentially malicious code
  ☆30Updated last year
• SunLab-GMU / PySecDB
  The official repository of ICSME'23 paper "Exploring Security Commits in Python"
  ☆18Updated last year
• githubuniverseworkshops / codeql
  CodeQL workshops for GitHub Universe
  ☆96Updated 2 years ago
• ajinabraham / package_scan
  PoC: Python package static and dynamic analysis to detect environment variable stealing
  ☆10Updated 4 years ago
• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆40Updated this week
• advanced-security / codeql-bundle-action
  Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
  ☆26Updated last year
• cispa / ampfuzz
  Fuzzer for Amplification Vulnerabilities (USENIX '22, Krupp et al)
  ☆14Updated 2 years ago
• AvalZ / RevOK
  An HTTP Response fuzzer to find Vulnerabilities in Security Scanners
  ☆26Updated 11 months ago
• soez / cryptovenom
  Cryptovenom: The Cryptography Swiss Army Knife
  ☆9Updated 5 years ago
• google / threat-team
  IOCs from Google Threat Intelligence
  ☆31Updated last week
• advanced-security / gh-codeql-scan
  GH CLI CodeQL Scan Extension
  ☆19Updated 7 months ago