dependency-check / DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆7,176 Updated last week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp… ☆3,211 Updated last week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje… ☆2,375 Updated 2 months ago
- Integrates Dependency-Check reports into SonarQube ☆663 Updated last week
- A vulnerability scanner for container images and filesystems ☆10,633 Updated this week
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code. ☆3,732 Updated this week
- Snyk CLI scans and monitors your projects for security vulnerabilities. ☆5,234 Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems ☆7,617 Updated this week
- Official OWASP Top 10 Document Repository ☆4,770 Updated 2 months ago
- Vulnerability Static Analysis for Containers ☆10,794 Updated last week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec. ☆2,408 Updated 3 months ago
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM ☆4,195 Updated this week
- The ZAP by Checkmarx Core project ☆14,069 Updated last week
- WebGoat is a deliberately insecure application ☆7,730 Updated last week
- This repository contains the scanner component for Greenbone Community Edition. ☆4,039 Updated this week
- ☆3,591 Updated 8 months ago
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds. ☆3,965 Updated this week
- Web Application Security Scanner Framework ☆3,944 Updated 3 months ago
- Open Source Vulnerability Management Platform ☆5,940 Updated 2 weeks ago
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva… ☆2,029 Updated last month
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… ☆780 Updated last week
- LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Reque… ☆1,456 Updated last year
- Web and mobile application security training platform ☆1,403 Updated last year
- A service that analyzes docker images and scans for vulnerabilities ☆1,588 Updated 2 years ago
- OpenSSF Scorecard - Security health metrics for Open Source ☆5,053 Updated this week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. ☆8,503 Updated last year
- A toolkit for testing, tweaking and cracking JSON Web Tokens ☆6,069 Updated 4 months ago
- a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containe… ☆1,206 Updated 2 years ago
- secureCodeBox (SCB) - continuous secure delivery out of the box ☆908 Updated this week
- grep rough audit - source code auditing tool ☆1,643 Updated 3 months ago
- An enterprise friendly way of detecting and preventing secrets in code. ☆4,234 Updated 6 months ago