LLNL / Surfactant
Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
☆31 Updated this week
Alternatives and similar repositories for Surfactant
Users that are interested in Surfactant are comparing it to the libraries listed below
- A Golang library for interacting with the EPSS (Exploit Prediction Scoring System). ☆28 Updated 4 months ago
- Trail of Bits Testing Handbook ☆76 Updated 2 weeks ago
- ☆28 Updated 5 months ago
- MSR Project Freta ☆78 Updated 11 months ago
- A place to systematically store software bill of materials (SBOM) documents. ☆46 Updated 2 years ago
- Coverage-Guided Greybox Distributed Fuzzer ☆131 Updated 2 months ago
- Mayhem example templates for programming languages and fuzzers that you love! ☆33 Updated last year
- CVE querying library and utility that uses a local store syncing directly to the National Vulnerability Database ☆22 Updated last year
- Automated vulnerability discovery and annotation ☆67 Updated 11 months ago
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin… ☆71 Updated last week
- A security-first linter for code that shouldn't need linting ☆16 Updated last year
- ☆74 Updated this week
- Code Hierarchy Exploration Net (chen) ☆21 Updated 2 weeks ago
- Documentation of Semgrep: a fast, open-source, static analysis tool. ☆41 Updated last week
- A community collection of security reviews of open source software components. ☆95 Updated last year
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen. ☆68 Updated 2 weeks ago
- Scan pypi for typosquatting ☆36 Updated 2 years ago
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use. ☆57 Updated last month
- CITL's static analysis engine for native code artifacts ☆20 Updated 4 years ago
- Publications from the eBPF foundation ☆23 Updated 7 months ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ☆75 Updated last month
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ☆39 Updated 6 months ago
- CodeQL queries developed by Trail of Bits ☆101 Updated 2 weeks ago
- A Python client for the Global CVE Allocation System. ☆13 Updated this week
- CVE.ICU code. ☆42 Updated this week
- A command line tool for extracting machine learning ready data from software binaries powered by Radare2 ☆70 Updated last month
- Manager of third-party sources of Semgrep rules 🗂 ☆87 Updated 11 months ago
- A very simple open source implementation of Google's Project Naptime ☆155 Updated 3 months ago
- A tool that automatically creates fuzzing harnesses based on a library ☆280 Updated 3 years ago
- A tool for firmware cartography ☆154 Updated 2 weeks ago