SAP/risk-explorer-for-software-supply-chains external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SAP/risk-explorer-for-software-supply-chains

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SAP/risk-explorer-for-software-supply-chains)

Close

SAP / risk-explorer-for-software-supply-chainsView on GitHubMore

• External links
• Readme badge

A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and other resources. The taxonomy as well as related safeguards can be explored using an interactive visualization tool.

☆82Apr 3, 2026Updated last week

Alternatives and similar repositories for risk-explorer-for-software-supply-chains

Users that are interested in risk-explorer-for-software-supply-chains are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• SAP-samples / cross-language-detection-artifacts

  View on GitHub
  This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…
  ☆22Mar 7, 2025Updated last year
• ossf / package-feeds

  View on GitHub
  Feed parsing for language package manager updates
  ☆84Dec 4, 2024Updated last year
• rsc-dev / pypi_malware

  View on GitHub
  PyPI malware packages
  ☆59Dec 12, 2018Updated 7 years ago
• RiskBasedPrioritization / RiskBasedPrioritization.github.io

  View on GitHub
  ☆20Jul 16, 2025Updated 9 months ago
• SAP / project-kb

  View on GitHub
  Home page of project "KB"
  ☆134Mar 27, 2025Updated last year
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• ASSERT-KTH / deptrim

  View on GitHub
  DepTrim automatically specializes the software supply chain of dependencies in Maven projects https://arxiv.org/pdf/2302.08370
  ☆15Mar 30, 2026Updated 2 weeks ago
• lyvd / bandit4mal

  View on GitHub
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆29Sep 1, 2022Updated 3 years ago
• chainguard-sandbox / bom-shelter

  View on GitHub
  A place to systematically store software bill of materials (SBOM) documents.
  ☆50Jun 1, 2023Updated 2 years ago
• correctexam / corrigeExamBack

  View on GitHub
  Web app to grade your assessments anywhere
  ☆12Dec 31, 2025Updated 3 months ago
• KTH / programmable-society

  View on GitHub
  Home of course "Programmable Society" at KTH Royal Institute of Technology
  ☆21Dec 12, 2025Updated 4 months ago
• jayswan / netflow_tcpflags

  View on GitHub
  Some stuff about the TCP flags field in NetFlow/IPFIX Data
  ☆12Dec 31, 2015Updated 10 years ago
• CycloneDX / cyclonedx-property-taxonomy

  View on GitHub
  A taxonomy of all official CycloneDX property namespaces and names
  ☆21Mar 2, 2026Updated last month
• vishalgarg-sec / Software-Supply-Chain-Security

  View on GitHub
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆146Jan 28, 2024Updated 2 years ago
• DataDog / malicious-software-packages-dataset

  View on GitHub
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆331Apr 8, 2026Updated last week
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• gcve-eu / gcve

  View on GitHub
  A Python client for the Global CVE Allocation System.
  ☆18Mar 26, 2026Updated 3 weeks ago
• kpcyrd / ismyarchverifiedyet

  View on GitHub
  Experimental script to query rebuilderd for results
  ☆14Dec 4, 2023Updated 2 years ago
• zhongxingyu / Java-Annotation-Study

  View on GitHub
  Source code and data about our large scale study about Java annotaion in practice
  ☆12Apr 14, 2023Updated 3 years ago
• diverse-project / melange

  View on GitHub
  The Melange Language Workbench
  ☆30Aug 18, 2023Updated 2 years ago
• nkleck / Scumblr_Security_Tool

  View on GitHub
  Scumblr instructions with custom search providers for monitoring malicous content
  ☆17Nov 18, 2017Updated 8 years ago
• pypi / pypi-attestations

  View on GitHub
  A library to convert between Sigstore Bundles and PEP 740 Attestation objects
  ☆15Updated this week
• opencybersecurityalliance / kestrel-jupyter

  View on GitHub
  Kestrel Jupyter Notebook Kernel
  ☆10Oct 19, 2023Updated 2 years ago
• attackbench / AttackBench

  View on GitHub
  Attack benchmark repository
  ☆23Nov 25, 2025Updated 4 months ago
• sigstore / rekor-search-ui

  View on GitHub
  Search Rekor for entries
  ☆41Mar 23, 2026Updated 3 weeks ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• messlabnyu / irqdebloat

  View on GitHub
  ☆14Dec 10, 2021Updated 4 years ago
• eBay / sbom-scorecard

  View on GitHub
  Generate a score for your sbom to understand if it will actually be useful.
  ☆241Aug 13, 2024Updated last year
• Marynk / JavaScript-vulnerability-detection

  View on GitHub
  a project repository for a paper
  ☆20May 4, 2024Updated last year
• AppThreat / vulnerability-db

  View on GitHub
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers…
  ☆138Mar 10, 2026Updated last month
• Bristol-Cyber-Security-Group / decisions-disruptions-kit

  View on GitHub
  Getting started with Decisions-Disruptions
  ☆11Jan 28, 2020Updated 6 years ago
• moliware / es-dsl-cheatsheet

  View on GitHub
  Elasticsearch Query DSL cheatsheet
  ☆19Feb 19, 2015Updated 11 years ago
• swtv-kaist / MUSIC

  View on GitHub
  MUSIC: MUtation analySIs tool with High Configurability and Extensibility
  ☆18Aug 4, 2023Updated 2 years ago
• rdicosmo / updateswh

  View on GitHub
  Browser extension to check and uptate archival of repositories in Software Heritage
  ☆19Jan 6, 2024Updated 2 years ago
• CycodeLabs / gh-injection-vuln-demo

  View on GitHub
  Demos for our research on Github actions script injection vulnerabilities
  ☆13May 14, 2024Updated last year
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• anchore / nvd-data-overrides

  View on GitHub
  ☆50Updated this week
• chainguard-dev / image-comparison

  View on GitHub
  Comparison of Chainguard Images to others
  ☆21Updated this week
• STAMP-project / pitest-descartes

  View on GitHub
  Descartes supports developers to improve their test suites by reporting weak spots in covered code
  ☆127Sep 19, 2025Updated 6 months ago
• chainguard-dev / ssc-reading-list

  View on GitHub
  A reading list for software supply-chain security.
  ☆365Nov 21, 2022Updated 3 years ago
• bomctl / bomctl

  View on GitHub
  Format agnostic SBOM tooling
  ☆137Nov 20, 2025Updated 4 months ago
• EVulHunter / EVulHunter

  View on GitHub
  ☆10Sep 24, 2019Updated 6 years ago
• IBM / cmnnc

  View on GitHub
  Computational Memory Neural Network Compiler
  ☆11Aug 11, 2021Updated 4 years ago