Tools to create and deploy a database of software packages metadata, origin, dependencies, and license keyed by PURLs (Package URLs). Supported by AboutCode, sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ , nexB and other fine supporters. Chat is at https://gitter.im/aboutcode-org/discuss
☆60Feb 20, 2026Updated last week
Alternatives and similar repositories for purldb
Users that are interested in purldb are comparing it to the libraries listed below
Sorting:
- Parse and compare package versions and ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions…☆42Updated this week
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆88Nov 24, 2025Updated 3 months ago
- Inspect Python code and PyPI package manifests. Resolve Python dependencies.☆24Nov 5, 2025Updated 3 months ago
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp…☆647Updated this week
- A library to reliably fetch code via HTTP, FTP and version control systems. This project is sponsored by NLnet project https://nlnet.nl/p…☆11Nov 28, 2025Updated 3 months ago
- ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Co…☆180Feb 19, 2026Updated last week
- CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools☆16Updated this week
- Functionality and DataModels of OWASP CycloneDX for Python☆102Jan 26, 2026Updated last month
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby☆980Updated this week
- Incident Notification Platform by @NC3-LU☆11Updated this week
- Automating Compliance Tooling Project☆22Jan 28, 2022Updated 4 years ago
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …☆72Jul 22, 2025Updated 7 months ago
- Posture Attribute Collection and Evaluation☆23Jun 20, 2023Updated 2 years ago
- This is a mapping of CPEs to package urls created by using VulnerableCode's data☆10Aug 14, 2020Updated 5 years ago
- Library plugin for DSL plugins that need concise names for Jenkins extensions☆11Updated this week
- Python framework for collecting and analyzing TLS certificate data via the Certificate Transparency Network☆12May 25, 2025Updated 9 months ago
- Common weakness enumeration library for Python (maintained fork of https://github.com/Julian-Nash/cwe )☆15Aug 29, 2024Updated last year
- Presentation repository around making an API that retrieves large amounts of geospatial data quickly☆12Mar 7, 2023Updated 2 years ago
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners☆14Feb 13, 2026Updated 2 weeks ago
- A privacy-aware exchange module to securely and privately share your indicators☆14Aug 23, 2017Updated 8 years ago
- The Double Open Server (DOS) companion for ORT.☆17Updated this week
- Global Security Database Project☆28Mar 4, 2023Updated 2 years ago
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆218Oct 21, 2025Updated 4 months ago
- Automate open source license compliance and ensure software supply chain integrity☆40Updated this week
- CERTITUDE - A python package to classify malicious URLs☆20May 16, 2022Updated 3 years ago
- A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…☆11Aug 14, 2025Updated 6 months ago
- The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such…☆13Sep 21, 2025Updated 5 months ago
- ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.☆169Jan 17, 2025Updated last year
- misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based…☆19Jan 9, 2026Updated last month
- Architecture - design and implementation of the D4 project architecture☆16Jul 3, 2025Updated 7 months ago
- Toolset to index the Mastodon federated network.☆13Nov 10, 2022Updated 3 years ago
- An offensive bash script which tries to find GENERIC privesc vulnerabilities and issues.☆13Oct 17, 2017Updated 8 years ago
- A tool to generate datasets and models based on vulnerabilities descriptions from @Vulnerability-Lookup.☆23Feb 19, 2026Updated last week
- container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat…☆37Jan 21, 2026Updated last month
- Self-Hosting Security Dashboard☆14Feb 13, 2019Updated 7 years ago
- Secvisogram is a web tool for creating and editing security advisories in the CSAF 2.0 format☆41Updated this week
- PURL to CPE Relationship mapping project.☆111Updated this week
- Private Search Set (PSS) is an extension to standard Bloom filter or a standalone hash file to describe and share private set.☆16Jan 10, 2025Updated last year
- nmap/ndiff based scanner with template based notification system in case of infrastructure changes☆19Feb 16, 2018Updated 8 years ago