OWASP / www-project-benchmarkLinks
OWASP Foundation Web Respository
☆18Updated last week
Alternatives and similar repositories for www-project-benchmark
Users that are interested in www-project-benchmark are comparing it to the libraries listed below
Sorting:
- Python classes for the SARIF object model☆44Updated last year
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆153Updated last year
- OSS-Fuzz vulnerabilities for OSV.☆162Updated this week
- SARIF Microsoft Visual Studio Code extension☆122Updated 2 months ago
- Post Processor for Facebook Static Analysis Tools.☆142Updated 2 weeks ago
- Global Security Database☆315Updated last year
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…☆372Updated 2 weeks ago
- A dataset of software supply chain compromises. Please help us maintain it!☆130Updated 3 years ago
- Home page of project "KB"☆130Updated 7 months ago
- CVSS2/3/4 library with interactive calculator for Python 2 and Python 3☆109Updated 2 months ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.☆119Updated last year
- CPE: Common Platform Enumeration for Python☆96Updated last month
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆79Updated last month
- Open Source Vulnerability schema.☆213Updated this week
- NVD/CVE as JSON files☆123Updated this week
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆128Updated 2 months ago
- User-friendly documentation for the SARIF file format.☆328Updated last year
- A set of Python command line tools for working with SARIF files produced by code analysis tools☆128Updated 2 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆249Updated last week
- A fork of Bandit tool with patterns to identifying malicious python code.☆28Updated 3 years ago
- Securibench Micro is a benchmark for static analysis tools for security.☆26Updated 7 years ago
- PURL to CPE Relationship mapping project.☆96Updated this week
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆89Updated 9 months ago
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆61Updated 5 months ago
- PyPI malware packages☆58Updated 6 years ago
- A comprehensive list of software composition analysis tools.☆157Updated 2 weeks ago
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆79Updated last month
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆227Updated last year
- Vulnogram is a tool for creating and editing CVE information in CVE JSON format☆206Updated this week
- OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.☆18Updated last week