dependency-check / DependencyCheckLinks
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆7,267Updated this week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below
Sorting:
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,308Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,382Updated 4 months ago
- Integrates Dependency-Check reports into SonarQube☆669Updated last week
- Vulnerability Static Analysis for Containers☆10,836Updated last week
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,296Updated last week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,415Updated 4 months ago
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆7,834Updated this week
- An enterprise friendly way of detecting and preventing secrets in code.☆4,279Updated 7 months ago
- A vulnerability scanner for container images and filesystems☆10,861Updated last week
- Application Security Verification Standard☆3,213Updated last week
- This repository contains the scanner component for Greenbone Community Edition.☆4,125Updated this week
- Open source vulnerability DB and triage service.☆2,352Updated this week
- A service that analyzes docker images and scans for vulnerabilities☆1,590Updated 2 years ago
- sslscan tests SSL/TLS enabled services to discover supported cipher suites☆2,534Updated 2 weeks ago
- OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…☆742Updated last week
- Automated Security Testing For REST API's☆2,614Updated last year
- Snyk CLI scans and monitors your projects for security vulnerabilities.☆5,288Updated this week
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,763Updated this week
- Security Knowledge Framework (SKF) Python Flask / Angular project☆824Updated last year
- cve-search - a tool to perform local searches for known vulnerabilities☆2,541Updated last month
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆29,550Updated this week
- Testing TLS/SSL encryption anywhere on any port☆8,658Updated 2 weeks ago
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.☆3,985Updated last week
- Web and mobile application security training platform☆1,407Updated 2 weeks ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,559Updated last year
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆7,932Updated last week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆13,173Updated this week
- The ZAP by Checkmarx Core project☆14,259Updated last week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,118Updated this week
- An open source threat modeling tool from OWASP☆1,217Updated this week