Alternatives and similar repositories for HelloShiftLeft

Users that are interested in HelloShiftLeft are comparing it to the libraries listed below

• eclipse-jbom / jbom
  ☆122Updated 9 months ago
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆103Updated last week
• RIGS-IT / sonar-xanitizer
  Integrates Xanitizer results into SonarQube
  ☆21Updated 4 years ago
• stevespringett / cvss-calculator
  A Java library for calculating CVSSv2, CVSSv3, and CVSSv4 scores and vectors
  ☆51Updated 2 weeks ago
• spdx / spdx-maven-plugin
  Plugin for supporting SPDX in a Maven build.
  ☆59Updated last month
• fabric8-analytics / cvedb
  CVE database
  ☆21Updated 5 years ago
• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆48Updated 6 months ago
• Contrast-Security-OSS / safelog4j
  Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …
  ☆43Updated 3 months ago
• CVEProject / automation-working-group
  CVE Automation Working Group
  ☆180Updated this week
• blackducksoftware / blackduck-docker-inspector
  ☆21Updated 3 years ago
• JLLeitschuh / bulk-security-pr-generator
  Generate thousands of pull requests to fix widespread security vulnerabilities across GitHub.
  ☆36Updated 8 months ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 3 years ago
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆54Updated last week
• openrewrite / rewrite-jenkins
  OpenRewrite recipes to continuously modernize Jenkins plugins.
  ☆13Updated last week
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆43Updated 2 weeks ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆160Updated last year
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆153Updated 10 months ago
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆73Updated 6 months ago
• snyk / snyk-maven-plugin
  Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.
  ☆82Updated 2 months ago
• mirswamp / deployment
  SWAMP-in-a-Box
  ☆62Updated 5 years ago
• OWASP / sonarqube
  OWASP SonarQube Project
  ☆112Updated 6 years ago
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆132Updated 2 weeks ago
• sigstore / sigstore-maven-plugin
  sigstore maven plugin
  ☆19Updated last year
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆138Updated last week
• STAMP-project / pitest-descartes
  Descartes supports developers to improve their test suites by reporting weak spots in covered code
  ☆126Updated 4 months ago
• augustd / owasp-security-logging
  OWASP Security Logging library for Java
  ☆120Updated 2 years ago
• SAP / project-kb
  Home page of project "KB"
  ☆132Updated 10 months ago
• victims / victims-enforcer-legacy
  A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.
  ☆42Updated 5 years ago
• zaproxy / zest
  ☆113Updated this week
• find-sec-bugs / juliet-test-suite
  A collection of test cases in the Java language. It contains examples for 112 different CWEs.
  ☆61Updated 4 years ago