dependency-check / DependencyCheckLinks
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆7,306Updated this week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below
Sorting:
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,392Updated 5 months ago
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,363Updated this week
- Integrates Dependency-Check reports into SonarQube☆674Updated 3 weeks ago
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,771Updated last week
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,345Updated this week
- A vulnerability scanner for container images and filesystems☆11,005Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆7,952Updated this week
- Vulnerability Static Analysis for Containers☆10,852Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆29,853Updated this week
- Application Security Verification Standard☆3,234Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,145Updated this week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,592Updated last year
- An extensible multilanguage static code analyzer.☆5,248Updated this week
- Continuous Inspection☆10,041Updated this week
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…☆2,046Updated last week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆8,026Updated this week
- Automated Security Testing For REST API's☆2,622Updated last year
- Open Source Vulnerability Management Platform☆6,023Updated last month
- A service that analyzes docker images and scans for vulnerabilities☆1,590Updated 2 years ago
- w3af: web application attack and audit framework, the open source web vulnerability scanner.☆4,815Updated 2 years ago
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security☆8,937Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆13,366Updated this week
- cve-search - a tool to perform local searches for known vulnerabilities☆2,548Updated last month
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,419Updated 5 months ago
- Testing TLS/SSL encryption anywhere on any port☆8,697Updated this week
- The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This …☆524Updated this week
- Security Knowledge Framework (SKF) Python Flask / Angular project☆825Updated last year
- An enterprise friendly way of detecting and preventing secrets in code.☆4,305Updated 8 months ago
- Fast and powerful SSL/TLS scanning library.☆3,690Updated 3 months ago
- sslscan tests SSL/TLS enabled services to discover supported cipher suites☆2,548Updated last month