dependency-check / DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆6,950 · Updated this week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp… ☆3,072 · Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala proje… ☆2,342 · Updated last month
- Integrates Dependency-Check reports into SonarQube ☆645 · Updated 3 months ago
- The ZAP by Checkmarx Core project ☆13,646 · Updated last week
- Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds. ☆3,842 · Updated last week
- DevSecOps, ASPM, Vulnerability Management. All on one platform. ☆4,040 · Updated this week
- Automated Security Testing For REST APIs ☆2,577 · Updated 11 months ago
- Web Application Security Scanner Framework ☆3,908 · Updated last week
- Open Source Vulnerability Management Platform ☆5,415 · Updated 2 weeks ago
- A vulnerability scanner for container images and filesystems ☆9,924 · Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆7,429 · Updated this week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. ☆8,241 · Updated last year
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code. ☆3,660 · Updated this week
- w3af: web application attack and audit framework, the open source web vulnerability scanner. ☆4,721 · Updated 2 years ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. ☆11,728 · Updated this week
- Vulnerability Static Analysis for Containers ☆10,648 · Updated last week
- Nikto web server scanner ☆9,310 · Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems ☆7,044 · Updated this week
- A service that analyzes docker images and scans for vulnerabilities ☆1,587 · Updated 2 years ago
- OWASP API Security Project ☆2,170 · Updated 5 months ago
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p… ☆4,783 · Updated last week
- WebGoat is a deliberately insecure application ☆7,539 · Updated last week
- The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio… ☆9,390 · Updated 7 months ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆916 · Updated this week
- OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web… ☆713 · Updated this week
- Open source vulnerability DB and triage service. ☆1,881 · Updated this week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… ☆701 · Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more ☆26,955 · Updated this week
- nodejsscan is a static security code scanner for Node.js applications. ☆2,469 · Updated 3 weeks ago
- sslscan tests SSL/TLS enabled services to discover supported cipher suites ☆2,454 · Updated last week