Alternatives and similar repositories for hub:

Users that are interested in hub are comparing it to the libraries listed below

• blackducksoftware / detect
  Scanning and analysis for Black Duck SCA products.
  ☆166Updated this week
• blackducksoftware / hub-rest-api-python
  HUB REST API Python bindings
  ☆91Updated last week
• coverity / coverity-sonar-plugin
  ☆51Updated last month
• stevespringett / nist-data-mirror
  A simple Java command-line utility to mirror the CVE JSON data from NIST.
  ☆206Updated 2 years ago
• blackducksoftware / blackduck-docker-inspector
  ☆21Updated 2 years ago
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆133Updated 3 weeks ago
• anchore / anchore-cli
  Simple command-line client to the Anchore Engine service
  ☆114Updated 6 months ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆43Updated 2 years ago
• CycloneDX / cyclonedx-cli
  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
  ☆327Updated 2 months ago
• SAP / project-kb
  Home page of project "KB"
  ☆117Updated last month
• checkmarx-ltd / cx-flow
  Checkmarx Scan and Result Orchestration
  ☆88Updated this week
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆84Updated this week
• find-sec-bugs / juliet-test-suite
  A collection of test cases in the Java language. It contains examples for 112 different CWEs.
  ☆53Updated 3 years ago
• CycloneDX / cyclonedx-maven-plugin
  Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
  ☆305Updated last month
• dev-sec / cis-kubernetes-benchmark
  CIS Kubernetes Benchmark - InSpec Profile
  ☆299Updated 5 months ago
• neuvector / kubernetes-cis-benchmark
  A set of scripts inspired by CIS Kubernetes Benchmark that checks best-practices of Kubernetes installations
  ☆264Updated last year
• jeremylong / Open-Vulnerability-Project
  Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnera…
  ☆133Updated this week
• aquasecurity / fanal
  Static Analysis Library for Containers
  ☆199Updated last year
• aquasecurity / vuln-list
  NVD, Ubuntu, Alpine
  ☆416Updated this week
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆47Updated 3 weeks ago
• jenkinsci / dependency-track-plugin
  Main repository for the official Dependency-Track Jenkins plugin
  ☆46Updated last week
• Skyscanner / sonar-secrets
  SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc..
  ☆100Updated last year
• dev-sec / cis-docker-benchmark
  CIS Docker Benchmark - InSpec Profile
  ☆495Updated last year
• jenkinsci / sonarqube-plugin
  SonarQube Scanner for Jenkins
  ☆46Updated 2 months ago
• arminc / clair-local-scan
  Run CoreOs Clair standalone
  ☆254Updated 2 weeks ago
• quay / claircore
  foundation modules for scanning container packages and reporting vulnerabilities
  ☆144Updated last week
• DependencyTrack / frontend
  Frontend UI for Dependency-Track
  ☆109Updated this week
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆141Updated 10 months ago
• dependency-check / dependency-check-sonar-plugin
  Integrates Dependency-Check reports into SonarQube
  ☆624Updated last week
• spdx / tools
  SPDX Tools
  ☆132Updated last year