Alternatives and similar repositories for DependencyCheck

Users that are interested in DependencyCheck are comparing it to the libraries listed below

• find-sec-bugs / find-sec-bugs
  The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…
  ☆2,352Updated this week
• DependencyTrack / dependency-track
  Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…
  ☆3,098Updated this week
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆7,201Updated this week
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆9,999Updated this week
• spotbugs / spotbugs
  SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
  ☆3,669Updated this week
• dependency-check / dependency-check-sonar-plugin
  Integrates Dependency-Check reports into SonarQube
  ☆645Updated 3 months ago
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,155Updated this week
• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,662Updated this week
• anchore / anchore-engine
  A service that analyzes docker images and scans for vulnerabilities
  ☆1,587Updated 2 years ago
• docker / docker-bench-security
  The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…
  ☆9,402Updated 7 months ago
• pmd / pmd
  An extensible multilanguage static code analyzer.
  ☆5,108Updated last week
• flipkart-incubator / Astra
  Automated Security Testing For REST API's
  ☆2,583Updated last year
• ajinabraham / nodejsscan
  nodejsscan is a static security code scanner for Node.js applications.
  ☆2,471Updated last month
• WebGoat / WebGoat
  WebGoat is a deliberately insecure application
  ☆7,558Updated 2 weeks ago
• Arachni / arachni
  Web Application Security Scanner Framework
  ☆3,913Updated 3 weeks ago
• mbechler / marshalsec
  ☆3,534Updated 5 months ago
• inspec / inspec
  InSpec: Auditing and Testing Framework
  ☆2,928Updated this week
• google / tsunami-security-scanner
  Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with h…
  ☆8,409Updated last week
• zaproxy / zaproxy
  The ZAP by Checkmarx Core project
  ☆13,719Updated this week
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆7,474Updated this week
• OWASP / ASVS
  Application Security Verification Standard
  ☆3,061Updated this week
• blabla1337 / skf-flask
  Security Knowledge Framework (SKF) Python Flask / Angular project
  ☆820Updated last year
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆27,157Updated this week
• prowler-cloud / prowler
  Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security a…
  ☆11,732Updated this week
• OWASP / Top10
  Official OWASP Top 10 Document Repository
  ☆4,631Updated 6 months ago
• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆1,901Updated this week
• infobyte / faraday
  Open Source Vulnerability Management Platform
  ☆5,472Updated last week
• hadolint / hadolint
  Dockerfile linter, validate inline bash, written in Haskell
  ☆11,250Updated 2 months ago
• SonarSource / sonarqube
  Continuous Inspection
  ☆9,646Updated this week
• DefectDojo / django-DefectDojo
  DevSecOps, ASPM, Vulnerability Management. All on one platform.
  ☆4,064Updated this week