Alternatives and similar repositories for ossaudit

Users that are interested in ossaudit are comparing it to the libraries listed below

• RedHatProductSecurity / cvss
  CVSS2/3/4 library with interactive calculator for Python 2 and Python 3
  ☆105Updated last month
• jhermann / dependency-check-py
  Shim to easily install OWASP dependency-check-cli into Python projects
  ☆50Updated 4 years ago
• sonatype-nexus-community / jake
  Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.
  ☆123Updated last month
• ochronasec / ochrona-cli
  A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
  ☆51Updated 2 years ago
• Contrast-Security-OSS / DjanGoat
  Python and Django implementation of the OWASP RailsGoat project
  ☆75Updated last year
• snyk / faker-security
  Python Faker provider for security related data
  ☆40Updated 3 weeks ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆124Updated last week
• twu / skjold
  Security audit Python project dependencies against security advisory databases.
  ☆66Updated 2 months ago
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆68Updated 2 weeks ago
• duo-labs / narrow
  Low-effort reachability analysis for third-party code vulnerabilities.
  ☆21Updated 2 years ago
• csaf-tools / CVRF-CSAF-Converter
  A CVRF CSAF Converter, taking care about OASIS specification.
  ☆10Updated 2 months ago
• ShiftLeftSecurity / scan-docs
  ☆27Updated 2 years ago
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆223Updated last year
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆50Updated 2 years ago
• RedHatProductSecurity / advisory-parser
  A library for parsing security advisories
  ☆13Updated last month
• tilakthimmappa / pyraider
  Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities datab…
  ☆17Updated 3 years ago
• cve-search / CveXplore
  CveXplore
  ☆42Updated last week
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆77Updated this week
• pypa / advisory-database
  Advisory database for Python packages published on pypi.org
  ☆301Updated last week
• DevSlop / pixi-crs
  CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.
  ☆15Updated 4 years ago
• oasis-open / csaf-parser
  OASIS TC Open Repository: CSAF Parser tool for parsing and checking the syntax of the Common Vulnerability Reporting Framework (CVRF) con…
  ☆23Updated 3 years ago
• devsecops / raindance
  Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.
  ☆48Updated 8 years ago
• cve-search / PyCVESearch
  Python wrapper for the API of cve-search
  ☆126Updated last year
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated last year
• philips-software / license-scanner
  Service to scan licenses from source code
  ☆12Updated last year
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆149Updated 4 months ago
• vulsio / go-cpe-dictionary
  Build a local copy of CPE(Common Platform Enumeration)
  ☆104Updated last month
• cve-search / cpe-guesser
  Tool to guess CPE name based on common software name
  ☆101Updated 8 months ago