Alternatives and similar repositories for HelloShiftLeft

Users that are interested in HelloShiftLeft are comparing it to the libraries listed below

• blackducksoftware / blackduck-docker-inspector
  ☆21Updated 3 years ago
• eclipse-jbom / jbom
  ☆120Updated 5 months ago
• stevespringett / cvss-calculator
  A Java library for calculating CVSSv2 and CVSSv3 scores and vectors
  ☆47Updated 9 months ago
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆97Updated last week
• Contrast-Security-OSS / safelog4j
  Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …
  ☆43Updated last year
• mirswamp / deployment
  SWAMP-in-a-Box
  ☆62Updated 4 years ago
• JLLeitschuh / bulk-security-pr-generator
  Generate thousands of pull requests to fix widespread security vulnerabilities across GitHub.
  ☆34Updated 4 months ago
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆53Updated last week
• OWASP / sonarqube
  OWASP SonarQube Project
  ☆110Updated 6 years ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆152Updated last year
• CVEProject / automation-working-group
  CVE Automation Working Group
  ☆174Updated last week
• augustd / owasp-security-logging
  OWASP Security Logging library for Java
  ☆119Updated last year
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆43Updated last week
• spdx / spdx-maven-plugin
  Plugin for supporting SPDX in a Maven build.
  ☆57Updated 2 months ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆150Updated 6 months ago
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆121Updated 2 months ago
• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆47Updated 2 months ago
• ShiftLeftSecurity / scan-action
  ☆53Updated 3 years ago
• fabric8-analytics / cvedb
  CVE database
  ☆21Updated 5 years ago
• eclipse-cognicrypt / CogniCrypt
  CogniCrypt is an Eclipse plugin that supports Java developers in using Java Cryptographic APIs.
  ☆61Updated 9 months ago
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆138Updated this week
• google / certificate-transparency-java
  Auditing for TLS certificates, Java code.
  ☆41Updated 5 years ago
• STAMP-project / pitest-descartes
  Descartes supports developers to improve their test suites by reporting weak spots in covered code
  ☆126Updated 2 weeks ago
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆72Updated 2 months ago
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆62Updated 4 months ago
• apache / maven-indexer
  Apache Maven Indexer
  ☆68Updated 2 weeks ago
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated last year
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• mal-lang / exampleLang
  A MAL language that demonstrates the Maven project structure
  ☆23Updated 3 years ago