Alternatives and similar repositories for www-project-benchmark:

Users that are interested in www-project-benchmark are comparing it to the libraries listed below

• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆142Updated last year
• google / oss-fuzz-vulns
  OSS-Fuzz vulnerabilities for OSV.
  ☆151Updated this week
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆128Updated 2 years ago
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆75Updated last month
• DataDog / malicious-software-packages-dataset
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆200Updated this week
• OWASP / threat-modeling-playbook
  ☆33Updated 3 years ago
• RedHatProductSecurity / cvss
  CVSS2/3/4 library with interactive calculator for Python 2 and Python 3
  ☆95Updated 3 weeks ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆114Updated last week
• s3c2 / vfcfinder
  VFCFinder: Searching for the Missing Vulnerability Fixing Commits
  ☆27Updated last year
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆50Updated this week
• cve-search / PyCVESearch
  Python wrapper for the API of cve-search
  ☆120Updated last year
• lyvd / bandit4mal
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆25Updated 2 years ago
• joshbressers / cve-analysis
  Tools for conducting analysis of CVE data in Elasticsearch
  ☆74Updated 2 weeks ago
• setu1421 / SecretBench
  SecretBench is a dataset consisting of different secret types collected from public open-source repositories.
  ☆30Updated 10 months ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆143Updated 3 weeks ago
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆118Updated last year
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆114Updated last week
• trailofbits / testing-handbook
  Trail of Bits Testing Handbook
  ☆72Updated 2 weeks ago
• IQTLabs / pypi-scan
  Scan pypi for typosquatting
  ☆38Updated 2 years ago
• githubuniverseworkshops / codeql
  CodeQL workshops for GitHub Universe
  ☆93Updated 2 years ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆43Updated 2 years ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆93Updated last year
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆78Updated 4 months ago
• vuldb / vuldb-api-python-examples
  VulDB Python scripts to fetch data via API
  ☆20Updated 5 years ago
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆43Updated last year
• SAP / project-kb
  Home page of project "KB"
  ☆123Updated 3 weeks ago
• joernio / query-database
  Default query sets for Joern
  ☆27Updated 3 years ago
• too4words / securibench-micro
  Securibench Micro is a benchmark for static analysis tools for security.
  ☆26Updated 6 years ago
• felixgr / pytaint
  ☆34Updated 11 years ago
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆92Updated 2 months ago