OWASP / www-project-benchmark
OWASP Foundation Web Respository
☆17Updated 8 months ago
Alternatives and similar repositories for www-project-benchmark:
Users that are interested in www-project-benchmark are comparing it to the libraries listed below
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆141Updated 10 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆104Updated last month
- A dataset of software supply chain compromises. Please help us maintain it!☆127Updated 2 years ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆73Updated this week
- A community collection of security reviews of open source software components.☆92Updated 10 months ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.☆112Updated last year
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆49Updated this week
- A place to systematically store software bill of materials (SBOM) documents.☆44Updated last year
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆89Updated 11 months ago
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆189Updated last month
- CVSS2/3/4 library with interactive calculator for Python 2 and Python 3☆89Updated 2 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆172Updated this week
- Open Source Vulnerability schema.☆190Updated last week
- OSS-Fuzz vulnerabilities for OSV.☆143Updated this week
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆55Updated 4 months ago
- OASIS TC Open Repository: CSAF Parser tool for parsing and checking the syntax of the Common Vulnerability Reporting Framework (CVRF) con…☆23Updated 2 years ago
- SARIF Microsoft Visual Studio Code extension☆113Updated 3 months ago
- Software Component Verification Standard (SCVS)☆138Updated 9 months ago
- PURL to CPE Relationship mapping project.☆82Updated this week
- ☆32Updated 2 years ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆110Updated 2 years ago
- Securibench Micro is a benchmark for static analysis tools for security.☆26Updated 6 years ago
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…☆59Updated last month
- Feed parsing for language package manager updates☆76Updated last month
- Scan pypi for typosquatting☆38Updated last year
- Home page of project "KB"☆116Updated last month
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆281Updated this week
- ☆47Updated this week
- PyPI malware packages☆58Updated 6 years ago
- A tool to check the security settings of Github Organizations.☆70Updated last year