OWASP / www-project-benchmark

Related projects: ⓘ

• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆138Updated 6 months ago
• RedHatProductSecurity / cvss
  CVSS2/3/4 library with interactive calculator for Python 2 and Python 3
  ☆81Updated this week
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆69Updated this week
• google / oss-fuzz-vulns
  OSS-Fuzz vulnerabilities for OSV.
  ☆129Updated this week
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆39Updated 5 months ago
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆126Updated 2 years ago
• trailofbits / testing-handbook
  Trail of Bits Testing Handbook
  ☆53Updated this week
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆53Updated 2 weeks ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆92Updated 6 months ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers…
  ☆92Updated last week
• joshbressers / cve-analysis
  Tools for conducting analysis of CVE data in Elasticsearch
  ☆72Updated 2 months ago
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆102Updated 9 months ago
• DataDog / malicious-software-packages-dataset
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆126Updated this week
• OWASP-Benchmark / BenchmarkUtils
  OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.
  ☆14Updated last week
• SAP / project-kb
  Home page of project "KB"
  ☆111Updated 2 weeks ago
• joernio / query-database
  Default query sets for Joern
  ☆24Updated 2 years ago
• githubuniverseworkshops / codeql
  CodeQL workshops for GitHub Universe
  ☆91Updated last year
• IQTLabs / pypi-scan
  Scan pypi for typosquatting
  ☆36Updated last year
• cristianstaicu / SecBench.js
  ☆28Updated last year
• Teebytes / TnT-Fuzzer
  OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.
  ☆109Updated last year
• TNO-S3 / WuppieFuzz
  A coverage-guided REST API fuzzer developed on top of LibAFL
  ☆67Updated this week
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆85Updated 7 months ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆40Updated 2 years ago
• andrew-d / rough-auditing-tool-for-security
  Automatically exported from code.google.com/p/rough-auditing-tool-for-security
  ☆81Updated 3 years ago
• duo-labs / narrow
  Low-effort reachability analysis for third-party code vulnerabilities.
  ☆19Updated last year
• antonio-morales / Hackfest_Advanced_Fuzzing_Workshop
  ☆85Updated 2 years ago
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆47Updated this week
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆74Updated 2 months ago
• cve-search / PyCVESearch
  Python wrapper for the API of cve-search
  ☆113Updated 9 months ago
• rsc-dev / pypi_malware
  PyPI malware packages
  ☆57Updated 5 years ago