dependency-check / DependencyCheckLinks
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆7,225Updated this week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below
Sorting:
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,259Updated last week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,383Updated 3 months ago
- Fast and powerful SSL/TLS scanning library.☆3,670Updated 2 months ago
- WebGoat is a deliberately insecure application☆8,465Updated last week
- The ZAP by Checkmarx Core project☆14,157Updated last week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,530Updated last year
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,234Updated this week
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.☆3,981Updated this week
- Web Application Security Scanner Framework☆3,949Updated 4 months ago
- An enterprise friendly way of detecting and preventing secrets in code.☆4,260Updated 6 months ago
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,750Updated this week
- Vulnerability Static Analysis for Containers☆10,814Updated last week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆7,811Updated this week
- Application Security Verification Standard☆3,182Updated last week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,084Updated last week
- OWASP Juice Shop: Probably the most modern and sophisticated insecure web application☆11,716Updated last week
- Snyk CLI scans and monitors your projects for security vulnerabilities.☆5,258Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆12,926Updated this week
- Continuous Inspection☆9,917Updated last week
- Find, verify, and analyze leaked credentials☆22,511Updated last week
- Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices☆11,752Updated last week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆7,731Updated this week
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…☆2,034Updated this week
- sslscan tests SSL/TLS enabled services to discover supported cipher suites☆2,520Updated last month
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆853Updated 2 years ago
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,410Updated 3 months ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,487Updated this week
- w3af: web application attack and audit framework, the open source web vulnerability scanner.☆4,792Updated 2 years ago
- OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…☆738Updated last week
- Open source vulnerability DB and triage service.☆1,995Updated last week