Alternatives and similar repositories for mapi-action

Users that are interested in mapi-action are comparing it to the libraries listed below

• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆74Updated last year
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆135Updated 2 months ago
• chainguard-sandbox / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆50Updated 2 years ago
• phylum-dev / vuln-reach
  A library for building tools to determine if vulnerabilities are reachable in a code base.
  ☆17Updated 5 months ago
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆230Updated this week
• fabric8-analytics / cvejob
  A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
  ☆12Updated 6 months ago
• IQTLabs / pypi-scan
  Scan pypi for typosquatting
  ☆38Updated 3 years ago
• google / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆141Updated 2 years ago
• sigstore / sigstore-python
  A Sigstore client written in Python
  ☆310Updated this week
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆132Updated 2 weeks ago
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated last year
• jordan-wright / ossmalware
  ☆93Updated 3 years ago
• blacktop / seccomp-gen
  Docker Secure Computing Profile Generator
  ☆49Updated 4 years ago
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆192Updated this week
• ForAllSecure / mayhem-examples
  Mayhem example templates for programming languages and fuzzers that you love!
  ☆36Updated 3 months ago
• spdx / spdx-examples
  Examples of SPDX files for software combinations
  ☆142Updated 2 months ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆81Updated last year
• AppThreat / atom
  atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
  ☆84Updated last week
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆122Updated 2 years ago
• usnistgov / swid-tools
  ☆15Updated last week
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆226Updated last year
• aboutcode-org / purldb
  Tools to create and deploy a database of software packages metadata, origin, dependencies, and license keyed by PURLs (Package URLs). Sup…
  ☆58Updated last week
• pypa / gh-action-pip-audit
  A GitHub Action for pip-audit
  ☆84Updated this week
• anchore / grype-db
  ☆59Updated this week
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆96Updated last year
• facebook / sapp
  Post Processor for Facebook Static Analysis Tools.
  ☆141Updated this week
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 3 years ago
• in-toto / demo
  Securing Alice's, Bob's and Carl's software supply chain using in-toto
  ☆104Updated last week
• VulnerabilityHistoryProject / vulnerability-history
  vulnerabilityhistory.org
  ☆35Updated last year
• sonatype-nexus-community / cheque
  Audit C/C++ projects (make, cmake, command line, etc.)
  ☆27Updated 4 years ago