Alternatives and similar repositories for GHAST

Users that are interested in GHAST are comparing it to the libraries listed below

• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆96Updated 5 months ago
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆75Updated 2 months ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated 2 years ago
• stacscan / stacs
  Static Token And Credential Scanner
  ☆96Updated 2 years ago
• devops-kung-fu / trustier
  Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev
  ☆11Updated 2 months ago
• vishalgarg-sec / Software-Supply-Chain-Security
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆135Updated last year
• nccgroup / ccs
  ☆111Updated 2 years ago
• AnubisSec / GroovyWaiter
  ☆17Updated 3 years ago
• apiiro / malicious-code-ruleset
  Focused malicious code detection ruleset, with a high protection-to-noise ratio
  ☆122Updated 4 months ago
• Frichetten / aws_api_shapeshifter
  A small library to alter AWS API requests; Used for fuzzing research
  ☆22Updated last year
• kerberosmansour / InfoSecOpenAIExamples
  InfoSec OpenAI Examples
  ☆19Updated last year
• usnistgov / vulntology
  Development of the NIST vulnerability data ontology (Vulntology).
  ☆39Updated last month
• binareio / FastCVE
  FastCVE: A Dockerized CVE search tool with API and CLI support for security vulnerability queries.
  ☆53Updated last month
• CloudSecurityAlliance / gsd-tools
  Global Security Database Tools
  ☆43Updated last year
• apiiro / combobulator
  Dependency Combobulator
  ☆93Updated last year
• OWASP / www-project-top-10-infrastructure-security-risks
  OWASP Top 10 Infrastructure Security Risks
  ☆36Updated 3 weeks ago
• alexivkin / kubepwn
  Kubernetes Pwnage for all
  ☆57Updated 4 years ago
• controlplaneio / truffleproc
  truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)
  ☆119Updated last year
• sbomify / sbomify
  sbomify is a product security artifact management platform.
  ☆24Updated this week
• anchore / vulnerability-match-labels
  Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
  ☆11Updated 3 weeks ago
• 5stars217 / malicious_models
  using ML models for red teaming
  ☆43Updated last year
• trufflesecurity / WhoAmISlack
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆42Updated last year
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆21Updated 4 months ago
• abhisek / supply-chain-security-gateway
  Reference architecture and proof of concept implementation for supply chain security gateway
  ☆23Updated 2 years ago
• RefactorSecurity / vscode-security-notes
  Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
  ☆133Updated 3 months ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆87Updated 11 months ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆121Updated this week
• nccgroup / RFC-Security-Research
  Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In…
  ☆18Updated 4 years ago
• SonarSource / argument-injection-vectors
  A curated list of argument injection vectors
  ☆41Updated 5 months ago