dependency-check / DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆6,858Updated this week
Alternatives and similar repositories for DependencyCheck:
Users that are interested in DependencyCheck are comparing it to the libraries listed below
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,334Updated last week
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆2,986Updated this week
- Integrates Dependency-Check reports into SonarQube☆640Updated last month
- Vulnerability Static Analysis for Containers☆10,592Updated this week
- DevSecOps, ASPM, Vulnerability Management. All on one platform.☆3,970Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆25,571Updated this week
- nodejsscan is a static security code scanner for Node.js applications.☆2,460Updated last month
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,156Updated last year
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,628Updated last week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,345Updated 6 months ago
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆9,156Updated 5 months ago
- The ZAP by Checkmarx Core project☆13,515Updated this week
- Find, verify, and analyze leaked credentials☆18,785Updated this week
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.☆3,815Updated last month
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆6,853Updated this week
- Fast and powerful SSL/TLS scanning library.☆3,587Updated 2 weeks ago
- cve-search - a tool to perform local searches for known vulnerabilities☆2,433Updated 3 weeks ago
- OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…☆704Updated this week
- Web and mobile application security training platform☆1,375Updated 9 months ago
- A tool for mocking HTTP services☆6,733Updated last week
- Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices☆11,296Updated this week
- Application Security Verification Standard☆2,951Updated this week
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…☆1,980Updated this week
- OSS-Fuzz - continuous fuzzing for open source software.☆10,982Updated last week
- The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…☆9,352Updated 6 months ago
- Code signing and transparency for containers and binaries☆4,879Updated this week
- ☆3,505Updated 3 months ago
- The SDKMAN! Command Line Interface☆6,310Updated 3 months ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,086Updated last year
- Open source vulnerability DB and triage service.☆1,830Updated this week