Alternatives and similar repositories for sbomplay

Users that are interested in sbomplay are comparing it to the libraries listed below

• mihir-shah99 / vxdf
  ☆61Updated 4 months ago
• xvnpw / ai-security-analyzer
  A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects
  ☆92Updated last month
• alexdevassy / AI-Powered-Vulnerability-Impact-Analyzer
  Vulnerability impact analyzer that reduces false positives in SCA tools by performing intelligent code analysis. Uses agentic AI with ope…
  ☆58Updated 7 months ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆66Updated 3 months ago
• xvnpw / sec-docs
  An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects
  ☆34Updated 7 months ago
• luisfontes19 / orgsec-guide
  A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity program
  ☆43Updated 2 weeks ago
• xvnpw / ai-threat-modeling-action
  AI featured threat modeling and security review action
  ☆44Updated 10 months ago
• Toreon / threat-model-playbook
  ☆88Updated 4 years ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆124Updated last year
• kenhuangus / Artificial-Intelligence-Vulnerability-Scoring-System-AIVSS
  ☆38Updated 9 months ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆77Updated last year
• raphabot / awesome-cybersecurity-agentic-ai
  ☆312Updated 2 weeks ago
• makalin / SecureMCP
  SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P…
  ☆133Updated 4 months ago
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆110Updated last year
• apiiro / malicious-code-ruleset
  Focused malicious code detection ruleset, with a high protection-to-noise ratio
  ☆127Updated 7 months ago
• BishopFox / llm-testing-findings
  LLM Testing Findings Templates
  ☆73Updated last year
• opengrep / opengrep-rules
  ☆88Updated 8 months ago
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆211Updated this week
• OpenSecuritySummit / project-ASVS-User-Stories
  ☆19Updated 3 years ago
• cytix-software / AppSec-Detection-Framework
  A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit…
  ☆32Updated this week
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆89Updated 5 months ago
• nccgroup / ccs
  ☆113Updated 2 years ago
• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆79Updated last year
• Whitespots-OU / security-requirements-generator
  A small tool to help developers understand a huge set of security requirements from appsec teams
  ☆47Updated 3 years ago
• Cybr-Inc / fwdcloudsec-2025-summaries
  Summaries, transcripts, key points, and other useful insights from fwd:cloudsec 2025 talks for those of us who don't have time to watch e…
  ☆80Updated 3 months ago
• anshumanbh / cyber-safari
  A fun POC that is built to understand AI security agents.
  ☆33Updated 9 months ago
• OWASP / OpenCRE
  ☆122Updated 2 weeks ago
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆67Updated 4 months ago
• mikeprivette / ai-security-shared-responsibility
  AI Security Shared Responsibility Model
  ☆52Updated last week
• PaloAltoNetworks / cobra-tool
  Cloud Offensive Breach and Risk Assessment (COBRA) Tool
  ☆95Updated 4 months ago