dependency-check / DependencyCheckLinks
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆7,363Updated this week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below
Sorting:
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,492Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,399Updated 6 months ago
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,795Updated last week
- Integrates Dependency-Check reports into SonarQube☆679Updated 2 months ago
- Vulnerability Static Analysis for Containers☆10,886Updated last week
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,408Updated this week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,661Updated 3 weeks ago
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,427Updated 6 months ago
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.☆4,038Updated 2 weeks ago
- Nikto web server scanner☆9,928Updated last month
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆13,681Updated last week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,156Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆8,267Updated this week
- The ZAP by Checkmarx Core project☆14,571Updated this week
- Automated mass refactoring of source code.☆3,164Updated this week
- ☆3,642Updated 11 months ago
- A vulnerability scanner for container images and filesystems☆11,259Updated this week
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,277Updated 7 months ago
- A suite of tools to automate software compliance checks.☆1,883Updated this week
- An extensible multilanguage static code analyzer.☆5,269Updated this week
- Open source vulnerability DB and triage service.☆2,427Updated this week
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,546Updated this week
- An enterprise friendly way of detecting and preventing secrets in code.☆4,348Updated 9 months ago
- Testing TLS/SSL encryption anywhere on any port☆8,783Updated last week
- Find secrets with Gitleaks 🔑☆24,377Updated 2 weeks ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆861Updated 2 years ago
- sslscan tests SSL/TLS enabled services to discover supported cipher suites☆2,558Updated 3 weeks ago
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆862Updated last week
- Snyk CLI scans and monitors your projects for security vulnerabilities.☆5,364Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,201Updated last week