OWASP / www-project-benchmark
OWASP Foundation Web Respository
☆18Updated 2 months ago
Alternatives and similar repositories for www-project-benchmark:
Users that are interested in www-project-benchmark are comparing it to the libraries listed below
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆142Updated last year
- OSS-Fuzz vulnerabilities for OSV.☆151Updated this week
- A dataset of software supply chain compromises. Please help us maintain it!☆128Updated 2 years ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆75Updated last month
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆200Updated this week
- ☆33Updated 3 years ago
- CVSS2/3/4 library with interactive calculator for Python 2 and Python 3☆95Updated 3 weeks ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆114Updated last week
- VFCFinder: Searching for the Missing Vulnerability Fixing Commits☆27Updated last year
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆50Updated this week
- Python wrapper for the API of cve-search☆120Updated last year
- A fork of Bandit tool with patterns to identifying malicious python code.☆25Updated 2 years ago
- Tools for conducting analysis of CVE data in Elasticsearch☆74Updated 2 weeks ago
- SecretBench is a dataset consisting of different secret types collected from public open-source repositories.☆30Updated 10 months ago
- Software Component Verification Standard (SCVS)☆143Updated 3 weeks ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.☆118Updated last year
- SARIF Microsoft Visual Studio Code extension☆114Updated last week
- Trail of Bits Testing Handbook☆72Updated 2 weeks ago
- Scan pypi for typosquatting☆38Updated 2 years ago
- CodeQL workshops for GitHub Universe☆93Updated 2 years ago
- Evaluation Framework for Dependency Analysis (EFDA)☆43Updated 2 years ago
- A community collection of security reviews of open source software components.☆93Updated last year
- Feed parsing for language package manager updates☆78Updated 4 months ago
- VulDB Python scripts to fetch data via API☆20Updated 5 years ago
- Python classes for the SARIF object model☆43Updated last year
- Home page of project "KB"☆123Updated 3 weeks ago
- Default query sets for Joern☆27Updated 3 years ago
- Securibench Micro is a benchmark for static analysis tools for security.☆26Updated 6 years ago
- ☆34Updated 11 years ago
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆92Updated 2 months ago