google / osv.dev
Open source vulnerability DB and triage service.
☆1,486 Updated this week
Related projects:
- Supply-chain Levels for Software Artifacts ☆1,521 Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆6,117 Updated this week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆454 Updated 3 months ago
- Open Source Package Analysis ☆720 Updated last week
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,257 Updated this week
- An open source threat modeling tool from OWASP ☆888 Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source ☆4,390 Updated this week
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 ☆1,309 Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆494 Updated last week
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp… ☆2,582 Updated this week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆790 Updated last year
- GitHub App to set and enforce security policies ☆1,240 Updated this week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for … ☆982 Updated last week
- Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software. ☆1,709 Updated this week
- Semgrep rules registry ☆773 Updated this week
- A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles ☆466 Updated last week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… ☆546 Updated this week
- Global Security Database ☆305 Updated 4 months ago
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems ☆6,015 Updated this week
- Granular, Actionable Adversary Emulation for the Cloud ☆1,742 Updated this week
- Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan ☆786 Updated this week
- CVE Alerting Platform ☆1,767 Updated this week
- Support CI generation of SBOMs via golang tooling. ☆396 Updated 8 months ago
- CVE cache of the official CVE List in CVE JSON 5 format ☆705 Updated this week
- The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnera… ☆1,183 Updated this week
- GuardDog is a CLI tool to identify malicious PyPI and npm packages ☆586 Updated last week
- Vulnerable app with examples showing how to not use secrets ☆1,203 Updated this week
- The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts. ☆1,570 Updated this week
- grep rough audit - source code auditing tool ☆1,487 Updated last month
- Code signing and transparency for containers and binaries ☆4,376 Updated last week