OWASP / cwe-toolLinks
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
☆57Updated this week
Alternatives and similar repositories for cwe-tool
Users that are interested in cwe-tool are comparing it to the libraries listed below
Sorting:
- A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC☆32Updated 4 months ago
- Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions☆101Updated 2 years ago
- Mitigate security concerns of Dependency Confusion supply chain security risks☆47Updated 2 years ago
- Dependency Combobulator☆93Updated last year
- A dataset of software supply chain compromises. Please help us maintain it!☆128Updated 2 years ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆50Updated last week
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆144Updated last year
- Generic SAST Library☆131Updated 6 months ago
- Dragon-GPT uses Chat-GPT, or local LLM, to execute automatic and AI-powered threat modeling analysis on a given OWASP Threat Dragon diagr…☆35Updated 3 months ago
- Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0☆41Updated 2 years ago
- A MAL language that demonstrates the Maven project structure☆23Updated 3 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- ☆20Updated 6 years ago
- OWASP Threat Dragon with Gitlab Integration☆27Updated 7 years ago
- A community collection of security reviews of open source software components.☆94Updated last year
- CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.☆15Updated 3 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆65Updated 11 months ago
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…☆68Updated 3 weeks ago
- The Open Security Summit is focused on the collaboration between, Developers and Application Security☆45Updated 5 months ago
- GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file☆13Updated last year
- Security advisories for Node.js and the JavaScript ecosystem.☆41Updated 4 years ago
- OWASP Foundation Web Respository☆28Updated 9 months ago
- Threat Modeling Manifesto☆28Updated 10 months ago
- A Python library and command line interface for CVE Services.☆65Updated 2 weeks ago
- Maturity Model Collaborative project☆15Updated 2 years ago
- ☆35Updated 4 years ago
- A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs☆51Updated 2 years ago
- Desktop variant of OWASP Threat Dragon☆77Updated 3 years ago
- OWASP Foundation Web Respository☆63Updated last year
- Python API library for DefectDojo☆42Updated 2 years ago