Alternatives and similar repositories for hub

Users that are interested in hub are comparing it to the libraries listed below

• blackducksoftware / detect
  Scanning and analysis for Black Duck SCA products.
  ☆187Updated this week
• blackducksoftware / hub-rest-api-python
  HUB REST API Python bindings
  ☆95Updated 3 months ago
• stevespringett / nist-data-mirror
  A simple Java command-line utility to mirror the CVE JSON data from NIST.
  ☆211Updated 3 years ago
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆137Updated this week
• aquasecurity / vuln-list
  NVD, Ubuntu, Alpine
  ☆442Updated this week
• blackducksoftware / blackduck-docker-inspector
  ☆21Updated 3 years ago
• anchore / anchore-cli
  Simple command-line client to the Anchore Engine service
  ☆113Updated last year
• OWASP-Benchmark / BenchmarkJava
  OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…
  ☆744Updated last week
• anchore / anchore-engine
  A service that analyzes docker images and scans for vulnerabilities
  ☆1,590Updated 2 years ago
• neuvector / kubernetes-cis-benchmark
  A set of scripts inspired by CIS Kubernetes Benchmark that checks best-practices of Kubernetes installations
  ☆266Updated 2 years ago
• jenkinsci / dependency-track-plugin
  Main repository for the official Dependency-Track Jenkins plugin
  ☆50Updated last week
• aquasecurity / harbor-scanner-trivy
  Use Trivy as a plug-in vulnerability scanner in the Harbor registry
  ☆225Updated last year
• dev-sec / cis-docker-benchmark
  CIS Docker Benchmark - InSpec Profile
  ☆521Updated 2 years ago
• aquasecurity / trivy-db
  ☆285Updated last week
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆72Updated 3 months ago
• arminc / clair-local-scan
  Run CoreOs Clair standalone
  ☆252Updated 10 months ago
• CycloneDX / cyclonedx-cli
  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
  ☆425Updated last month
• jeremylong / open-vulnerability-cli
  A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mi…
  ☆153Updated 2 weeks ago
• aquasecurity / docker-bench
  Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark
  ☆222Updated 9 months ago
• checkmarx-ltd / cx-flow
  Checkmarx Scan and Result Orchestration
  ☆99Updated this week
• dependency-check / dependency-check-sonar-plugin
  Integrates Dependency-Check reports into SonarQube
  ☆674Updated 3 weeks ago
• tern-tools / tern
  Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock…
  ☆1,006Updated last year
• dev-sec / cis-kubernetes-benchmark
  CIS Kubernetes Benchmark - InSpec Profile
  ☆307Updated last year
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆53Updated last week
• eclipse-steady / steady
  Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determ…
  ☆542Updated last year
• opensbom-generator / spdx-sbom-generator
  Support CI generation of SBOMs via golang tooling.
  ☆423Updated 10 months ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆44Updated 3 years ago
• DependencyTrack / frontend
  Frontend UI for Dependency-Track
  ☆132Updated this week
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆854Updated 2 years ago
• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆47Updated 4 months ago