IBM/CBOM

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/IBM/CBOM)

IBM / CBOM

Cryptography Bill of Materials

☆99

Alternatives and similar repositories for CBOM

Users that are interested in CBOM are comparing it to the libraries listed below

Sorting:

cbomkit / sonar-cryptography
View on GitHub
This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.
☆55Feb 9, 2026Updated 3 weeks ago
cbomkit / cbomkit
View on GitHub
A toolset for dealing with Cryptography Bill of Materials (CBOM)
☆79Feb 16, 2026Updated 2 weeks ago
cbomkit / cbomkit-theia
View on GitHub
A tool for detecting cryptographic assets in container images and directories, and generating CBOMs.
☆30Feb 23, 2026Updated last week
opencybersecurityalliance / PACE
View on GitHub
Posture Attribute Collection and Evaluation
☆23Jun 20, 2023Updated 2 years ago
CycloneDX / sbom-combiner
View on GitHub
Lockheed Martin developed utility to combine multiple CycloneDX SBOMs
☆13Jan 16, 2023Updated 3 years ago
Santandersecurityresearch / PQCTools
View on GitHub
PQC Transition Tools Index
☆36Jan 22, 2026Updated last month
arborchat / sprig
View on GitHub
Cross platform Arbor client, mirrored from SourceHut
☆13Jun 26, 2024Updated last year
Dentrax / cosigneth
View on GitHub
Container Image Signing & Verifying on Ethereum [Testnet]
☆17Mar 15, 2022Updated 3 years ago
CycloneDX / cyclonedx-property-taxonomy
View on GitHub
A taxonomy of all official CycloneDX property namespaces and names
☆21Updated this week
JFolberth / Azure_IaC_Flavors
View on GitHub
Open source repository to help others learn about IaC and the various flavors
☆18Apr 16, 2024Updated last year
CycloneDX / gh-python-generate-sbom
View on GitHub
GitHub action to generate a CycloneDX SBOM for Python
☆14Jan 10, 2025Updated last year
AlmaLinux / alma-sbom
View on GitHub
AlmaLinux OS SBOM data management utility.
☆16Jan 20, 2026Updated last month
jeremyhahn / go-trusted-platform
View on GitHub
Platform software for Trusted Computing - TPM 2.0, Certificate Authority, and Web Services required to perform Local and Remote Attestati…
☆19Apr 7, 2025Updated 10 months ago
philips-software / SPDXMerge
View on GitHub
SPDX Merge tool
☆50Apr 22, 2025Updated 10 months ago
netskopeoss / BOMSkope
View on GitHub
☆11Jan 28, 2025Updated last year
aquasecurity / vexhub
View on GitHub
☆32Updated this week
advanced-security / gh-sbom
View on GitHub
Generate SBOMs with gh CLI
☆199May 30, 2025Updated 9 months ago
protobom / protobom
View on GitHub
A universal SBOM representation in protocol buffers
☆316Feb 18, 2026Updated last week
cybeats / sbomgen
View on GitHub
List of SBOM Generation Tools
☆30Mar 7, 2025Updated 11 months ago
kubernetes-sigs / bom
View on GitHub
A utility to generate SPDX-compliant Bill of Materials manifests
☆443Updated this week
hermetoproject / hermeto
View on GitHub
Hermeto is a CLI tool that prefetches project dependencies for hermetic container builds.
☆33Updated this week
cyentific-rni / stix2.1-coa-playbook-extension
View on GitHub
A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…
☆23Dec 11, 2023Updated 2 years ago
OpenEoX / openeox
View on GitHub
This project aims to standardize the representation and management of EOL and EOS product information across the industry.
☆30Mar 4, 2024Updated last year
spdx / spdx-3-model
View on GitHub
The model for the information captured in SPDX version 3 standard.
☆98Updated this week
CycloneDX / cyclonedx-dotnet-library
View on GitHub
.NET library to consume and produce CycloneDX Software Bill of Materials (SBOM)
☆26Feb 10, 2026Updated 3 weeks ago
CycloneDX / license-scanner
View on GitHub
Utility that provides an API and CLI to identify licenses and legal terms
☆52Jul 11, 2025Updated 7 months ago
cyght-io / oscal-diagrams
View on GitHub
Automatically generated diagrams for OSCAL models
☆22Apr 12, 2022Updated 3 years ago
sbomtools / apt2sbom
View on GitHub
apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information
☆25Feb 4, 2022Updated 4 years ago
microsoft / scim
View on GitHub
Supply Chain Integrity Model
☆106Jun 12, 2023Updated 2 years ago
openvex / vexctl
View on GitHub
A tool to create, transform and attest VEX metadata
☆176Updated this week
scanoss / purl2cpe
View on GitHub
PURL to CPE Relationship mapping project.
☆111Updated this week
bureado / awesome-software-supply-chain-security
View on GitHub
A compilation of resources in the software supply chain security domain, with emphasis on open source
☆348Feb 22, 2026Updated last week
recolude / rap
View on GitHub
Official format for time series data captured from 3D Engines.
☆12May 14, 2023Updated 2 years ago
somod-dev / somod
View on GitHub
Serverless Optimized MODules - A Serverless Framework to create reusable micro apps
☆18Jul 7, 2025Updated 7 months ago
pandatix / nvdapi
View on GitHub
Unofficial but convenient Go wrapper around the NVD REST JSON API
☆36Oct 27, 2025Updated 4 months ago
kusaridev / spector
View on GitHub
Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks
☆33Apr 22, 2025Updated 10 months ago
mitre / hipcheck
View on GitHub
Automatically assess and score software repositories for supply chain risk.
☆121Feb 16, 2026Updated 2 weeks ago
CERTCC / SBOM
View on GitHub
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
☆66Apr 8, 2024Updated last year
cdxgen / cdxgen
View on GitHub
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…
☆908Updated this week