A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications.
☆144Oct 5, 2023Updated 2 years ago
Alternatives and similar repositories for oss-vulnerability-guide
Users that are interested in oss-vulnerability-guide are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆137Apr 20, 2026Updated 2 weeks ago
- A Python client for the Global CVE Allocation System.☆18Mar 26, 2026Updated last month
- ☆20Jul 16, 2025Updated 9 months ago
- Salesforce Policy Deviation Checker☆30Sep 30, 2020Updated 5 years ago
- ☆13Jan 4, 2023Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆106Nov 30, 2018Updated 7 years ago
- Open Source Vulnerability schema.☆247Apr 28, 2026Updated last week
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…☆218Feb 4, 2026Updated 3 months ago
- A standard API specification for exchanging supply chain artifacts and intelligence☆107Mar 25, 2026Updated last month
- Tool for signing and verifying the integrity of CloudFormation templates☆15Feb 16, 2023Updated 3 years ago
- A documentation and tracking project with the goal of making package management systems more secure.☆51Mar 5, 2021Updated 5 years ago
- Bro script module for detecting malware using domain generation algorithms.☆13Feb 22, 2018Updated 8 years ago
- Tools used by CSIRT and especially in the scope of CNW☆18Feb 26, 2026Updated 2 months ago
- CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools☆16Feb 26, 2026Updated 2 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Legal, procedural and policies document templates for operating an IRT☆66Mar 15, 2024Updated 2 years ago
- Python code for 1) permuting randomly-generated passwords for easier entry on mobile devices, and 2) for estimating entropy lost as a res…☆16May 5, 2016Updated 10 years ago
- Darkfiles finds orphaned files in container images and makes them to bad deeds☆43May 11, 2023Updated 2 years ago
- Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents☆23Jan 19, 2025Updated last year
- Collect chrome extensions from various devices and find out if they are malicious☆25Mar 1, 2026Updated 2 months ago
- Slack alert bot for matching Github Audit Events☆10Nov 12, 2024Updated last year
- Source for official CVE Program policy documents.☆18Jan 28, 2026Updated 3 months ago
- ☆47Nov 13, 2021Updated 4 years ago
- A set of Rust types for supporting COSE☆42Mar 2, 2026Updated 2 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Utilities to help with Dart source code generation.☆18Apr 29, 2026Updated last week
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆41Jan 25, 2026Updated 3 months ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆82Apr 14, 2026Updated 3 weeks ago
- The repository contains tooling to setup the container based stack.☆15Updated this week
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 2 years ago
- A BOM repository server for distributing CycloneDX BOMs☆88Jul 1, 2025Updated 10 months ago
- Utility that provides an API and CLI to identify licenses and legal terms☆54Jul 11, 2025Updated 9 months ago
- Reverse Engineering tool for Ethereum EVM☆20Jun 30, 2016Updated 9 years ago
- OWASP Foundation Web Respository☆37Oct 3, 2025Updated 7 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Embed the Power of Lua into NGINX HTTP servers☆11Dec 1, 2015Updated 10 years ago
- Another MISP module for Python☆18Feb 17, 2020Updated 6 years ago
- Software Component Verification Standard (SCVS)☆157Apr 1, 2025Updated last year
- Python script to send SSH command to Mikrotik device☆12May 2, 2020Updated 6 years ago
- ☆15Mar 20, 2017Updated 9 years ago
- Type adapters for common Go protobuf messages☆18Oct 24, 2024Updated last year
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆163Mar 12, 2024Updated 2 years ago