Alternatives and similar repositories for ossaudit

Users that are interested in ossaudit are comparing it to the libraries listed below

• sonatype-nexus-community / jake
  Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.
  ☆124Updated 2 months ago
• jhermann / dependency-check-py
  Shim to easily install OWASP dependency-check-cli into Python projects
  ☆50Updated 4 years ago
• ochronasec / ochrona-cli
  A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
  ☆51Updated 2 years ago
• RedHatProductSecurity / cvss
  CVSS2/3/4 library with interactive calculator for Python 2 and Python 3
  ☆107Updated 3 weeks ago
• twu / skjold
  Security audit Python project dependencies against security advisory databases.
  ☆66Updated last week
• ShiftLeftSecurity / scan-docs
  ☆27Updated 2 years ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆128Updated 2 weeks ago
• ptdropper / CVE-Scanner-for-your-SW-BOM
  CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.
  ☆17Updated 4 years ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• csaf-tools / CVRF-CSAF-Converter
  A CVRF CSAF Converter, taking care about OASIS specification.
  ☆10Updated 2 months ago
• tilakthimmappa / pyraider
  Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities datab…
  ☆17Updated 3 years ago
• sbomtools / apt2sbom
  apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information
  ☆22Updated 3 years ago
• duo-labs / narrow
  Low-effort reachability analysis for third-party code vulnerabilities.
  ☆21Updated 2 years ago
• cve-search / cpe-guesser
  Tool to guess CPE name based on common software name
  ☆103Updated this week
• IQTLabs / pypi-scan
  Scan pypi for typosquatting
  ☆38Updated 2 years ago
• Contrast-Security-OSS / DjanGoat
  Python and Django implementation of the OWASP RailsGoat project
  ☆75Updated last year
• DevSlop / pixi-crs
  CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.
  ☆15Updated 4 years ago
• snyk / snyk-python-plugin
  Basic Snyk CLI plugin for Python support
  ☆20Updated this week
• snyk / faker-security
  Python Faker provider for security related data
  ☆40Updated last month
• aatlasis / cve_manager
  A python script that a) parses NIST NVD CVEs, b) prcoesses and exports them to CSV files, c) creates a postgres database and imports all …
  ☆77Updated 3 years ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆66Updated 2 months ago
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆77Updated this week
• we45 / Vulnerable-Flask-App
  Intentionally Vulnerable Flask app for use in Demos
  ☆32Updated last month
• pypa / advisory-database
  Advisory database for Python packages published on pypi.org
  ☆302Updated last week
• ttarvis / glasgo
  A Security Scanner for Go
  ☆26Updated 6 years ago
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated last year
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated 2 months ago
• JordanMilne / Advocate
  An SSRF-preventing wrapper around Python's requests library. Advocate is no longer maintained, please fork and rename if you would like t…
  ☆95Updated last year
• google / gke-auditor
  ☆74Updated 4 years ago
• jgamblin / CISA_Enrichment
  CISA Known Exploited Vulnerabilities Catalog Enrichment
  ☆18Updated last year