Alternatives and similar repositories for DependencyCheck:

Users that are interested in DependencyCheck are comparing it to the libraries listed below

• find-sec-bugs / find-sec-bugs
  The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…
  ☆2,321Updated last week
• DependencyTrack / dependency-track
  Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…
  ☆2,939Updated this week
• archerysec / archerysec
  ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.
  ☆2,323Updated 5 months ago
• DefectDojo / django-DefectDojo
  DevSecOps, ASPM, Vulnerability Management. All on one platform.
  ☆3,935Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,069Updated this week
• SonarSource / sonarqube
  Continuous Inspection
  ☆9,425Updated this week
• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆1,785Updated this week
• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,550Updated last week
• rbsec / sslscan
  sslscan tests SSL/TLS enabled services to discover supported cipher suites
  ☆2,427Updated 2 months ago
• spotbugs / spotbugs
  SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
  ☆3,601Updated this week
• zaproxy / zaproxy
  The ZAP by Checkmarx Core project
  ☆13,367Updated last week
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆6,744Updated this week
• frohoff / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆8,046Updated 11 months ago
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆25,104Updated this week
• Arachni / arachni
  Web Application Security Scanner Framework
  ☆3,867Updated last year
• greenbone / openvas-scanner
  This repository contains the scanner component for Greenbone Community Edition.
  ☆3,684Updated this week
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆7,166Updated this week
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆9,584Updated this week
• OWASP-Benchmark / BenchmarkJava
  OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…
  ☆698Updated last week
• infobyte / faraday
  Open Source Vulnerability Management Platform
  ☆5,313Updated 2 weeks ago
• anchore / anchore-engine
  A service that analyzes docker images and scans for vulnerabilities
  ☆1,588Updated 2 years ago
• andresriancho / w3af
  w3af: web application attack and audit framework, the open source web vulnerability scanner.
  ☆4,686Updated 2 years ago
• cve-search / cve-search
  cve-search - a tool to perform local searches for known vulnerabilities
  ☆2,403Updated this week
• GrrrDog / Java-Deserialization-Cheat-Sheet
  The cheat sheet about Java Deserialization vulnerabilities
  ☆3,078Updated last year
• sullo / nikto
  Nikto web server scanner
  ☆9,071Updated last month
• xmendez / wfuzz
  Web application fuzzer
  ☆6,110Updated 7 months ago
• wazuh / wazuh
  Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
  ☆12,004Updated this week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆10,918Updated this week
• flipkart-incubator / Astra
  Automated Security Testing For REST API's
  ☆2,556Updated 9 months ago
• michenriksen / gitrob
  Reconnaissance tool for GitHub organizations
  ☆6,014Updated 2 years ago