Alternatives and similar repositories for mapi-action

Users that are interested in mapi-action are comparing it to the libraries listed below

• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆74Updated last year
• sonatype-nexus-community / cheque
  Audit C/C++ projects (make, cmake, command line, etc.)
  ☆27Updated 3 years ago
• OTARIS / FirmwareCheck
  Automated dynamic security analysis by emulation of IoT firmware images in CI-pipelines.
  ☆13Updated 4 years ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• fabric8-analytics / cvejob
  A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
  ☆12Updated 2 months ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆129Updated 8 months ago
• usnistgov / swid-tools
  ☆14Updated 2 weeks ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated 2 years ago
• antitree / syscall2seccomp
  Build custom Docker seccomp profiles for containers by finding syscalls it uses.
  ☆90Updated 5 years ago
• illikainen / ossaudit
  Audit python packages for known vulnerabilities
  ☆33Updated 3 years ago
• pypa / gh-action-pip-audit
  A GitHub Action for pip-audit
  ☆76Updated last week
• ForAllSecure / mayhem-examples
  Mayhem example templates for programming languages and fuzzers that you love!
  ☆33Updated last week
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆78Updated this week
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆207Updated last week
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆43Updated last year
• IQTLabs / pypi-scan
  Scan pypi for typosquatting
  ☆38Updated 2 years ago
• google / gke-auditor
  ☆74Updated 4 years ago
• anchore / vulnerability-match-labels
  Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
  ☆12Updated this week
• anchore / grype-db
  ☆54Updated last week
• phylum-dev / vuln-reach
  A library for building tools to determine if vulnerabilities are reachable in a code base.
  ☆16Updated last month
• philips-software / license-scanner
  Service to scan licenses from source code
  ☆12Updated 2 years ago
• blacktop / seccomp-gen
  Docker Secure Computing Profile Generator
  ☆48Updated 3 years ago
• jordan-wright / ossmalware
  ☆93Updated 3 years ago
• danielfett / tlsprofiler
  Compares the TLS configuration of a web server to the Mozilla TLS Profiles
  ☆26Updated last year
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆119Updated last year
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated last year
• ouspg / cloudfuzzer
  ☆22Updated 8 years ago
• cve-search / CveXplore
  CveXplore
  ☆42Updated 2 weeks ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆78Updated 9 months ago