Alternatives and similar repositories for hub:

Users that are interested in hub are comparing it to the libraries listed below

• blackducksoftware / detect
  Scanning and analysis for Black Duck SCA products.
  ☆170Updated this week
• blackducksoftware / hub-rest-api-python
  HUB REST API Python bindings
  ☆92Updated last month
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆134Updated 3 weeks ago
• CycloneDX / cyclonedx-cli
  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
  ☆343Updated 4 months ago
• stevespringett / nist-data-mirror
  A simple Java command-line utility to mirror the CVE JSON data from NIST.
  ☆208Updated 2 years ago
• anchore / anchore-cli
  Simple command-line client to the Anchore Engine service
  ☆114Updated 8 months ago
• DependencyTrack / frontend
  Frontend UI for Dependency-Track
  ☆117Updated this week
• spdx / tools
  SPDX Tools
  ☆134Updated last year
• CycloneDX / specification
  OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…
  ☆389Updated this week
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆92Updated this week
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆49Updated last week
• ossf / wg-security-tooling
  OpenSSF Security Tooling Working Group
  ☆309Updated 10 months ago
• neuvector / kubernetes-cis-benchmark
  A set of scripts inspired by CIS Kubernetes Benchmark that checks best-practices of Kubernetes installations
  ☆265Updated last year
• jenkinsci / dependency-track-plugin
  Main repository for the official Dependency-Track Jenkins plugin
  ☆47Updated last week
• spdx / ntia-conformance-checker
  Check SPDX SBOM for NTIA minimum elements
  ☆60Updated 2 weeks ago
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆70Updated last year
• opensbom-generator / spdx-sbom-generator
  Support CI generation of SBOMs via golang tooling.
  ☆422Updated 2 months ago
• AppThreat / sast-scan
  Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…
  ☆148Updated 4 years ago
• dev-sec / cis-kubernetes-benchmark
  CIS Kubernetes Benchmark - InSpec Profile
  ☆300Updated 7 months ago
• blackducksoftware / blackduck-docker-inspector
  ☆21Updated 2 years ago
• aquasecurity / fanal
  Static Analysis Library for Containers
  ☆198Updated last year
• jenkinsci / aqua-microscanner-plugin
  Enables scanning of docker builds in Jenkins for OS package vulnerabilities.
  ☆35Updated last year
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆141Updated 11 months ago
• dev-sec / cis-docker-benchmark
  CIS Docker Benchmark - InSpec Profile
  ☆501Updated last year
• CERTCC / SBOM
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆57Updated 11 months ago
• SAP / project-kb
  Home page of project "KB"
  ☆120Updated 2 weeks ago
• jeremylong / open-vulnerability-cli
  A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mi…
  ☆141Updated this week
• aquasecurity / vuln-list
  NVD, Ubuntu, Alpine
  ☆425Updated this week
• anchore / anchore
  This project is deprecated. Work is now done on https://github.com/anchore/syft and https://github.com/anchore/grype for local-host Softw…
  ☆361Updated 4 years ago
• aquasecurity / docker-bench
  Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark
  ☆215Updated last month