OSV-SCALIBR: A library for Software Composition Analysis
☆576 · Mar 6, 2026 · Updated this week
Alternatives and similar repositories for osv-scalibr
Users that are interested in osv-scalibr are comparing it to the libraries listed below
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆8,506 · Updated this week
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system… ☆351 · Oct 17, 2025 · Updated 4 months ago
- Format agnostic SBOM tooling ☆133 · Nov 20, 2025 · Updated 3 months ago
- A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more. ☆173 · Jan 9, 2026 · Updated last month
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆467 · Updated this week
- Unauthenticated enumeration of AWS IAM Roles. ☆26 · Sep 7, 2025 · Updated 5 months ago
- #supply #chain #attack #detection ☆646 · Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,450 · Updated this week
- Security tool against dependency typosquatting attacks ☆54 · Feb 25, 2026 · Updated last week
- Autonomous AI C2 ☆33 · Jul 23, 2024 · Updated last year
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ☆42 · Dec 12, 2024 · Updated last year
- Semgrep-based Policy Controller for Kubernetes ☆47 · Apr 4, 2025 · Updated 11 months ago
- A collection of Turbo Intruder scripts. ☆71 · Feb 1, 2025 · Updated last year
- Open source vulnerability DB and triage service. ☆2,509 · Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆605 · Feb 10, 2026 · Updated 3 weeks ago
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene… ☆103 · Apr 23, 2024 · Updated last year
- Open Source Package Analysis ☆864 · Feb 27, 2026 · Updated last week
- Gram is Klarna's own threat model diagramming tool ☆331 · Jan 26, 2026 · Updated last month
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense" ☆15 · Apr 10, 2025 · Updated 10 months ago
- 🔎 Static code analysis engine to find security issues in code. ☆2,188 · Feb 26, 2026 · Updated last week
- A repo to conduct vulnerability enrichment. ☆738 · Updated this week
- Resources for the deps.dev API ☆382 · Updated this week
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments ☆142 · Jan 2, 2025 · Updated last year
- ☆86 · Feb 4, 2026 · Updated last month
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro… ☆518 · Updated this week
- A tool to reverse engineer and inspect the RPM and APT databases to list all the packages along with executables, service, versions and C… ☆17 · Feb 20, 2026 · Updated 2 weeks ago
- An SBOM query language and associated utilities ☆55 · Jan 22, 2024 · Updated 2 years ago
- OpenVEX Specification ☆168 · Jan 16, 2026 · Updated last month
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories. ☆35 · Jan 4, 2026 · Updated 2 months ago
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such … ☆235 · Feb 6, 2025 · Updated last year
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD … ☆187 · Updated this week
- A very simple open source implementation of Google's Project Naptime ☆182 · Mar 27, 2025 · Updated 11 months ago
- BlueSky OSINT Tool ☆14 · Dec 10, 2024 · Updated last year
- Windows anti-debugging sandbox ☆40 · Dec 24, 2025 · Updated 2 months ago
- Burp Suite extension for testing Passkey systems. ☆75 · Apr 1, 2025 · Updated 11 months ago
- A security layer for Git repositories ☆578 · Updated this week
- A place to systematically store software bill of materials (SBOM) documents. ☆50 · Jun 1, 2023 · Updated 2 years ago
- Additional active scan checks for BURP ☆28 · Oct 3, 2024 · Updated last year
- Golang SDK for creating messages using Anthropic Claude API. ☆23 · Sep 19, 2024 · Updated last year