Alternatives and similar repositories for vulndb

Users that are interested in vulndb are comparing it to the libraries listed below

• anchore / grype-db
  ☆59Updated this week
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆110Updated last week
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆53Updated 3 years ago
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆27Updated last week
• google / container-explorer
  ☆93Updated 3 months ago
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆230Updated this week
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated last year
• ossf / wg-vulnerability-disclosures
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆210Updated this week
• ossf / ossf-landscape
  ☆30Updated last week
• sonatype-nexus-community / ahab
  ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
  ☆68Updated 2 weeks ago
• spdx / spdx-to-osv
  Produce an Open Source Vulnerability JSON file based on information in an SPDX document
  ☆65Updated last year
• aquasecurity / linux-bench
  Checks whether a Linux server according to security best practices as defined in the CIS Distribution-Independent Linux Benchmark
  ☆181Updated 3 weeks ago
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆131Updated 2 months ago
• CycodeLabs / cimon-action
  Runtime Security Solution for your CI/CD Pipeline
  ☆112Updated last week
• docker / sbom-cli-plugin
  Plugin for Docker CLI to support SBOM creation using Syft
  ☆161Updated 2 months ago
• ComplianceAsCode / auditree-framework
  The Auditree framework tool to run compliance control checks as unit tests.
  ☆71Updated last year
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆135Updated 2 months ago
• in-toto / community
  in-toto is a framework to secure the software supply chain.
  ☆72Updated 2 months ago
• blacktop / seccomp-gen
  Docker Secure Computing Profile Generator
  ☆49Updated 4 years ago
• ossf / security-insights
  Machine-readable specification for the attestation of security-relevant data.
  ☆72Updated last week
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆110Updated 2 weeks ago
• openvex / spec
  OpenVEX Specification
  ☆166Updated 3 weeks ago
• aquasecurity / cfsec
  Static analysis for CloudFormation templates to identify common misconfiguration
  ☆56Updated 3 years ago
• OWASP / www-project-kubernetes-security-testing-guide
  OWASP Kubernetes Security Testing Guide
  ☆41Updated last month
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers…
  ☆135Updated this week
• anchore / grype-vscode
  Grype vulnerability check plugin for Visual Studio Code
  ☆24Updated last year
• CycloneDX / bom-examples
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆215Updated 3 months ago
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆45Updated 2 years ago
• nyph-infosec / daggerboard
  ☆102Updated last year
• rad-security / fingerprints
  A repository to store Rad Fingerprinting data.
  ☆24Updated last year