dependency-check / DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆6,707 Updated this week
Alternatives and similar repositories for DependencyCheck:
Users who are interested in DependencyCheck are comparing it to the libraries listed below.
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp… ☆2,872 Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala proje… ☆2,312 Updated 2 months ago
- DevSecOps, ASPM, Vulnerability Management. All on one platform. ☆3,886 Updated this week
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code. ☆3,585 Updated this week
- Integrates Dependency-Check reports into SonarQube ☆630 Updated this week
- Vulnerability Static Analysis for Containers ☆10,508 Updated last week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆6,533 Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source ☆4,773 Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more ☆24,739 Updated this week
- ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-base… ☆8,541 Updated this week
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments. ☆4,545 Updated 3 weeks ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. ☆7,965 Updated 10 months ago
- The cheat sheet about Java Deserialization vulnerabilities ☆3,067 Updated last year
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems ☆6,604 Updated this week
- ☆3,448 Updated last month
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec. ☆2,318 Updated 4 months ago
- The ZAP by Checkmarx Core project ☆13,088 Updated this week
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security ☆8,009 Updated this week
- 🔥 Web-application firewalls (WAFs) from security standpoint. ☆6,489 Updated 3 months ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens ☆5,617 Updated 6 months ago
- OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web… ☆690 Updated this week
- Open Source Vulnerability Management Platform ☆5,198 Updated 3 weeks ago
- Application Security Verification Standard ☆2,837 Updated this week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆827 Updated last year
- OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository) ☆2,455 Updated 4 years ago
- cve-search - a tool to perform local searches for known vulnerabilities ☆2,375 Updated last week
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds. ☆3,769 Updated last month
- Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects ☆309 Updated this week
- Continuous Inspection ☆9,324 Updated this week
- Cloud Native Runtime Security ☆7,620 Updated this week