dependency-check / DependencyCheckLinks
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆7,413Updated last week
Alternatives and similar repositories for DependencyCheck
Users that are interested in DependencyCheck are comparing it to the libraries listed below
Sorting:
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,583Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,410Updated 7 months ago
- Integrates Dependency-Check reports into SonarQube☆684Updated 3 months ago
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,477Updated this week
- An enterprise friendly way of detecting and preventing secrets in code.☆4,412Updated 10 months ago
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.☆4,063Updated 2 weeks ago
- Vulnerability Static Analysis for Containers☆10,924Updated this week
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,818Updated this week
- Web Application Security Scanner Framework☆3,993Updated 8 months ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,010Updated last week
- The ZAP by Checkmarx Core project☆14,715Updated this week
- Snyk CLI scans and monitors your projects for security vulnerabilities.☆5,407Updated this week
- sslscan tests SSL/TLS enabled services to discover supported cipher suites☆2,579Updated 2 months ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,722Updated 2 months ago
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆8,416Updated this week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,435Updated 7 months ago
- Automated Security Testing For REST API's☆2,634Updated last year
- nodejsscan is a static security code scanner for Node.js applications.☆2,542Updated 3 months ago
- ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-base…☆9,480Updated this week
- cve-search - a tool to perform local searches for known vulnerabilities☆2,584Updated 3 weeks ago
- Reconnaissance tool for GitHub organizations☆6,133Updated 3 years ago
- OpenSSF Scorecard - Security health metrics for Open Source☆5,255Updated last week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,331Updated this week
- Application Security Verification Standard☆3,326Updated last week
- Continuous Inspection☆10,200Updated last week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆863Updated 2 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,070Updated last week
- w3af: web application attack and audit framework, the open source web vulnerability scanner.☆4,850Updated 2 years ago
- A service that analyzes docker images and scans for vulnerabilities☆1,593Updated 3 years ago
- Testing TLS/SSL encryption anywhere on any port☆8,847Updated 2 weeks ago