dependency-check / DependencyCheckLinks
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆7,133Updated this week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below
Sorting:
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,364Updated 2 months ago
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,184Updated this week
- The ZAP by Checkmarx Core project☆13,980Updated last week
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.☆3,924Updated 2 weeks ago
- DevSecOps, ASPM, Vulnerability Management. All on one platform.☆4,165Updated last week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,400Updated 2 months ago
- Open Source Vulnerability Management Platform☆5,891Updated 3 weeks ago
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,720Updated last week
- Continuous Inspection☆9,811Updated this week
- Vulnerability Static Analysis for Containers☆10,770Updated this week
- Snyk CLI scans and monitors your projects for security vulnerabilities.☆5,205Updated last week
- A vulnerability scanner for container images and filesystems☆10,449Updated last week
- A suite of tools to automate software compliance checks.☆1,797Updated last week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,025Updated this week
- Open source vulnerability DB and triage service.☆1,958Updated this week
- Automated Security Testing For REST API's☆2,607Updated last year
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,467Updated last year
- w3af: web application attack and audit framework, the open source web vulnerability scanner.☆4,751Updated 2 years ago
- Find, verify, and analyze leaked credentials☆20,191Updated last week
- A service that analyzes docker images and scans for vulnerabilities☆1,587Updated 2 years ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆12,564Updated this week
- OWASP API Security Project☆2,201Updated 7 months ago
- Web Application Security Scanner Framework☆3,940Updated 3 months ago
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆7,478Updated last week
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…☆2,025Updated 3 weeks ago
- sslscan tests SSL/TLS enabled services to discover supported cipher suites☆2,502Updated last month
- nodejsscan is a static security code scanner for Node.js applications.☆2,490Updated last month
- An enterprise friendly way of detecting and preventing secrets in code.☆4,209Updated 5 months ago
- WebGoat is a deliberately insecure application☆7,665Updated 2 weeks ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,035Updated 3 months ago