OWASP / www-project-benchmark
OWASP Foundation Web Repository
☆17 Updated 4 months ago
Related projects:
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real-life CVEs, as well as tooling to analyze the vulnerable codebas… ☆138 Updated 6 months ago
- CVSS2/3/4 library with interactive calculator for Python 2 and Python 3 ☆81 Updated this week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ☆69 Updated this week
- OSS-Fuzz vulnerabilities for OSV. ☆129 Updated this week
- Python classes for the SARIF object model ☆39 Updated 5 months ago
- A dataset of software supply chain compromises. Please help us maintain it! ☆126 Updated 2 years ago
- Trail of Bits Testing Handbook ☆53 Updated this week
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin… ☆53 Updated 2 weeks ago
- A community collection of security reviews of open source software components. ☆92 Updated 6 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers… ☆92 Updated last week
- Tools for conducting analysis of CVE data in Elasticsearch ☆72 Updated 2 months ago
- Prepackaged and precompiled GitHub CodeQL container for rapid analysis, deployment and development. ☆102 Updated 9 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ☆126 Updated this week
- OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites. ☆14 Updated last week
- Home page of project "KB" ☆111 Updated 2 weeks ago
- Default query sets for Joern ☆24 Updated 2 years ago
- CodeQL workshops for GitHub Universe ☆91 Updated last year
- Scan PyPI for typosquatting ☆36 Updated last year
- OpenAPI 2.0 (Swagger) fuzzer written in Python. Basically TnT for your API. ☆109 Updated last year
- A coverage-guided REST API fuzzer developed on top of LibAFL ☆67 Updated this week
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain ☆85 Updated 7 months ago
- Evaluation Framework for Dependency Analysis (EFDA) ☆40 Updated 2 years ago
- Automatically exported from code.google.com/p/rough-auditing-tool-for-security ☆81 Updated 3 years ago
- Low-effort reachability analysis for third-party code vulnerabilities. ☆19 Updated last year
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so… ☆47 Updated this week
- Manager of third-party sources of Semgrep rules 🗂 ☆74 Updated 2 months ago
- Python wrapper for the API of cve-search ☆113 Updated 9 months ago
- PyPI malware packages ☆57 Updated 5 years ago