XmirrorSecurity / OpenSCA-cli
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
☆1,087Updated last month
Related projects ⓘ
Alternatives and complementary repositories for OpenSCA-cli
- ☆1,795Updated last year
- An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。☆1,680Updated this week
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆340Updated last week
- vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that…☆296Updated last week
- 专注于JVM的运行时防御系统RASP☆276Updated 5 months ago
- 《云原生安全:攻防实践与体系构建》资料仓库☆729Updated last year
- Corax for Java: A general static analysis framework for java code checking.☆233Updated last month
- Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynam…☆682Updated 10 months ago
- Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabil…☆1,245Updated 5 months ago
- veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集☆1,529Updated 10 months ago
- 《深入理解SAST静态应用安全测试》Static Application Security Testing.☆321Updated 7 months ago
- IAST 灰盒扫描工具☆443Updated 2 years ago
- A programming language exclusively designed for cybersecurity☆403Updated this week
- 安全测试平台☆228Updated 2 years ago
- A Linux Host-based Intrusion Detection System based on eBPF.☆409Updated 11 months ago
- T Wiki 云安全知识文库,可能是国内首个云安全知识文库?☆911Updated 3 weeks ago
- Static code auditing system☆460Updated 3 years ago
- 安全编排与自动化响应平台☆61Updated 3 years ago
- 业�务风险枚举与规避知识框架(Business Risk Enumeration & Avoidance Kownledge)☆282Updated last month
- Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the comm…☆90Updated last year
- d18n is a data desensitization tool for RDBMS.☆169Updated last year
- superSearchPlus是聚合型信息收集插件,支持综合查询,资产测绘查询,信息收集 敏感信息提取 js资源扫描 目录扫描 vue组件扫描 整合了目前常见的资产测绘平台 专为白帽子提供快速侦测目标。☆1,339Updated 10 months ago
- Metarget is a framework providing automatic constructions of vulnerable infrastructures.☆1,099Updated 2 weeks ago
- OctoMation是一款免费的,具有可视化拖拽功能的编排与自动化产品。通过精心编排的Playbook,OctoMation能够联动数百款安全、网络、IT和SaaS等产品的基础能力。其主要特点包括低代码剧本编排、自动化事件响应、标准化流程操作以及可视化过程监控。 借助Oc…☆439Updated 5 months ago
- Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)☆282Updated 3 weeks ago
- 一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it☆1,413Updated this week
- 合规审计平台☆458Updated 2 years ago
- ☆439Updated last year
- A static analysis of vulnerabilities, Docker and Kubernetes cluster configuration detect toolkit based on the real penetration of cloud c…☆189Updated 3 months ago
- vulnerability database spider 爬取NVD、CNVD、CNNVD等漏洞数据库☆214Updated 3 years ago