Alternatives and similar repositories for steady

Users that are interested in steady are comparing it to the libraries listed below

• OWASP-Benchmark / BenchmarkJava
  OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…
  ☆721Updated last week
• stevespringett / nist-data-mirror
  A simple Java command-line utility to mirror the CVE JSON data from NIST.
  ☆207Updated 2 years ago
• CycloneDX / cyclonedx-maven-plugin
  Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
  ☆326Updated 3 weeks ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆43Updated 3 years ago
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆95Updated this week
• SAP / project-kb
  Home page of project "KB"
  ☆127Updated 4 months ago
• Contrast-Security-OSS / contrast-rO0
  A tiny Java agent that blocks attacks against unsafe deserialization
  ☆85Updated 7 years ago
• kantega / notsoserial
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆188Updated 9 years ago
• stevespringett / Alpine
  An opinionated scaffolding framework that jumpstarts Java projects with an API-first design, secure defaults, and minimal dependencies
  ☆63Updated this week
• fuzzitdev / javafuzz
  coverage guided fuzz testing for java
  ☆228Updated 4 years ago
• spotbugs / sonar-findbugs
  SpotBugs plugin for SonarQube
  ☆367Updated this week
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆51Updated last month
• fasten-project / fasten
  Analyse package dependency networks at the call graph level
  ☆95Updated last year
• hdiv / hdiv
  Hdiv CE | Application Self-Protection
  ☆215Updated 7 months ago
• ikkisoft / SerialKiller
  Look-Ahead Java Deserialization Library
  ☆418Updated 5 years ago
• mebigfatguy / fb-contrib
  a FindBugs/SpotBugs plugin for doing static code analysis for java code bases
  ☆160Updated 2 weeks ago
• rohanpadhye / JQF
  JQF + Zest: Coverage-guided semantic fuzzing for Java.
  ☆705Updated 2 months ago
• snyk / snyk-maven-plugin
  Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.
  ☆81Updated this week
• find-sec-bugs / find-sec-bugs
  The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…
  ☆2,361Updated last month
• CodeIntelligenceTesting / jazzer
  Coverage-guided, in-process fuzzing for the JVM
  ☆1,129Updated 2 weeks ago
• coverity / coverity-security-library
  Coverity Security Library (CSL) is a lightweight set of escaping routines for fixing cross-site scripting (XSS), SQL injection, and other…
  ☆202Updated 9 years ago
• pmckeown / dependency-track-maven-plugin
  Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable …
  ☆71Updated last week
• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆45Updated 2 weeks ago
• ESAPI / esapi-java
  ☆331Updated 2 years ago
• aramrami / OWASP-CSRFGuard
  OWASP CSRFGuard 3.1.0
  ☆161Updated 3 years ago
• ESAPI / esapi-java-legacy
  ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for progr…
  ☆636Updated last month
• isstac / kelinci
  AFL-based fuzzing for Java
  ☆238Updated 5 years ago
• google / vulncode-db
  Vulncode-DB project
  ☆580Updated 3 years ago
• cdaller / security_taint_propagation
  Java taint propagation for java. Define tainted sources, sanitizer methods and sinks via aspects.
  ☆28Updated 6 years ago
• dschadow / JavaSecurity
  Java web and command line applications demonstrating various security topics
  ☆237Updated last week