OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆7,441Feb 20, 2026Updated last week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below
Sorting:
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,623Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,412Jun 17, 2025Updated 8 months ago
- Integrates Dependency-Check reports into SonarQube☆686Oct 20, 2025Updated 4 months ago
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆32,280Updated this week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,750Dec 4, 2025Updated 2 months ago
- The ZAP by Checkmarx Core project☆14,796Updated this week
- ☆3,658Jan 9, 2025Updated last year
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,532Updated this week
- Vulnerability Static Analysis for Containers☆10,932Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,193Feb 20, 2026Updated last week
- 🔥Open source RASP solution☆2,951Oct 2, 2025Updated 4 months ago
- Java web common vulnerabilities and security code which is base on springboot and spring security☆2,649Dec 2, 2024Updated last year
- Source Code Security Audit (源代码安全审计)☆3,186Sep 16, 2022Updated 3 years ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆27,194Updated this week
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,828Updated this week
- A vulnerability scanner for container images and filesystems☆11,602Updated this week
- Pre-Built Vulnerable Environments Based on Docker-Compose☆20,312Feb 14, 2026Updated 2 weeks ago
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security☆9,253Feb 20, 2026Updated last week
- Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and …☆20,438Feb 3, 2026Updated 3 weeks ago
- Find secrets with Gitleaks 🔑☆25,103Feb 21, 2026Updated last week
- Find, verify, and analyze leaked credentials☆24,643Feb 20, 2026Updated last week
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,689Mar 14, 2024Updated last year
- A powerful browser crawler for web vulnerability scanners☆3,016Mar 11, 2025Updated 11 months ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,164May 26, 2023Updated 2 years ago
- Open Source Vulnerability Management Platform☆6,266Feb 13, 2026Updated 2 weeks ago
- In-depth attack surface mapping and asset discovery☆14,159Updated this week
- 📦 Make security testing of K8s, Docker, and Containerd easier.☆4,562Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,416Updated this week
- Web application fuzzer☆6,417Jan 21, 2026Updated last month
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,380Jan 16, 2026Updated last month
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.☆4,072Feb 14, 2026Updated 2 weeks ago
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆8,480Updated this week
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆11,983Updated this week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,438Jun 11, 2025Updated 8 months ago
- SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list☆6,117Mar 10, 2021Updated 4 years ago
- pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.☆3,830Feb 28, 2025Updated last year
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,388Dec 16, 2022Updated 3 years ago
- Cloud Native Runtime Security☆8,690Updated this week
- nodejsscan is a static security code scanner for Node.js applications.☆2,551Oct 10, 2025Updated 4 months ago