OWASP / www-project-dependency-track
OWASP Foundation Web Repository
☆17 Updated 10 months ago
Related projects:
- Sharing software supply chain security open source projects ☆38 Updated last year
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers… ☆92 Updated last week
- Vulnogram is a tool for creating and editing CVE information in CVE JSON format ☆158 Updated 3 weeks ago
- A place to systematically store software bill of materials (SBOM) documents. ☆42 Updated last year
- CVE database ☆22 Updated 4 years ago
- Software Component Verification Standard (SCVS) ☆133 Updated 5 months ago
- A community collection of security reviews of open source software components. ☆92 Updated 6 months ago
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain ☆85 Updated 7 months ago
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code. ☆46 Updated last week
- Awesome resources about Security in Kubernetes ☆40 Updated last year
- CVE.ICU code. ☆34 Updated this week
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc) ☆168 Updated 3 months ago
- Open Source Vulnerability schema. ☆176 Updated this week
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration. ☆54 Updated 2 weeks ago
- A simple Java command-line utility to mirror the entire contents of VulnDB. ☆42 Updated 3 weeks ago
- Utility that provides an API platform for validating, querying and managing BOM data ☆88 Updated last month
- A BOM repository server for distributing CycloneDX BOMs ☆73 Updated 6 months ago
- CVSS v4.0 calculator ☆21 Updated last month
- Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data ☆45 Updated 2 months ago
- OASIS TC Open Repository: CSAF Parser tool for parsing and checking the syntax of the Common Vulnerability Reporting Framework (CVRF) con… ☆23 Updated 2 years ago
- A project to visualize the software supply chain ☆33 Updated last year
- A Python library and command line interface for CVE Services. ☆54 Updated 2 months ago
- ☆110 Updated 3 months ago
- Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnera… ☆110 Updated 3 weeks ago
- Low-effort reachability analysis for third-party code vulnerabilities. ☆19 Updated last year
- PURL to CPE Relationship mapping project. ☆69 Updated this week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ☆69 Updated this week
- Utility that converts SBOM documents from CycloneDX to SPDX ☆29 Updated 8 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ☆123 Updated 7 months ago
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data ☆57 Updated 5 months ago