OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆7,541May 13, 2026Updated this week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,808May 11, 2026Updated last week
- Integrates Dependency-Check reports into SonarQube☆690Oct 20, 2025Updated 7 months ago
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,422Mar 26, 2026Updated last month
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,887Dec 4, 2025Updated 5 months ago
- ☆3,683Jan 9, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Vulnerability Static Analysis for Containers☆10,979May 13, 2026Updated last week
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,699Updated this week
- The ZAP by Checkmarx Core project☆15,118May 12, 2026Updated last week
- Source Code Security Audit (源代码安全审计)☆3,187Sep 16, 2022Updated 3 years ago
- 🔥Open source RASP solution☆2,957Oct 2, 2025Updated 7 months ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆15,135Updated this week
- Java web common vulnerabilities and security code which is base on springboot and spring security☆2,664Dec 2, 2024Updated last year
- A simple Java command-line utility to mirror the CVE JSON data from NIST.☆214Nov 4, 2022Updated 3 years ago
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,881Updated this week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,695Mar 14, 2024Updated 2 years ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆28,713Updated this week
- Pre-Built Vulnerable Environments Based on Docker-Compose☆20,691May 12, 2026Updated last week
- A vulnerability scanner for container images and filesystems☆12,217Updated this week
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security☆9,587Updated this week
- A powerful browser crawler for web vulnerability scanners☆3,033Mar 11, 2025Updated last year
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.☆4,127Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,944Updated this week
- Find secrets with Gitleaks 🔑☆27,072May 13, 2026Updated last week
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- The cheat sheet about Java Deserialization vulnerabilities☆3,178May 26, 2023Updated 2 years ago
- 📦 Make security testing of K8s, Docker, and Containerd easier.☆4,660May 1, 2026Updated 2 weeks ago
- Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and …☆21,018May 11, 2026Updated last week
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,支持使用AI Agent(OpenClaw / Codex / Claude Code / Hermes 等)一键接入工具☆2,383May 8, 2026Updated last week
- Find, verify, and analyze leaked credentials☆26,288Updated this week
- Web application fuzzer☆6,491Jan 21, 2026Updated 3 months ago
- Open Source Vulnerability Management Platform☆6,472Updated this week
- SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list☆6,128Mar 10, 2021Updated 5 years ago
- ☆836Jun 7, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,395Dec 16, 2022Updated 3 years ago
- In-depth attack surface mapping and asset discovery☆14,563Apr 17, 2026Updated last month
- IAST 灰盒扫描工具☆445Jul 19, 2022Updated 3 years ago
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆10,210Updated this week
- 一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档☆11,558Oct 29, 2024Updated last year
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,083Jun 15, 2021Updated 4 years ago
- Burp suite 分块传输辅助插件☆2,033Feb 23, 2022Updated 4 years ago