intel / cve-bin-tool-action
Known vulnerability scanning for your GitHub repository using CVE Binary Tool. This Action can scan binaries, component lists and SBOMs for known vulnerabilities and CVEs. It can generate SBOM component lists as well as reports in the Security Tab and in HTML/JSON/PDF format.
☆11Updated last week
Related projects ⓘ
Alternatives and complementary repositories for cve-bin-tool-action
- Automated dynamic security analysis by emulation of IoT firmware images in CI-pipelines.☆11Updated 3 years ago
- Apport intercepts Program crashes, collects debugging information about the crash and the operating system environment, and sends it to b…☆24Updated this week
- Mayhem example templates for programming languages and fuzzers that you love!☆27Updated 10 months ago
- Go wrapper for awslabs/certlint☆24Updated 4 years ago
- ☆26Updated this week
- Grab some/all of CodeQL CLI binary, QL library, VSCode starter workspace, VSCode and VSCode QL extension☆9Updated 5 months ago
- Action to detect if a secret is initially detected in a pull request☆12Updated this week
- Static code analysis of refpolicy style SELinux policy☆38Updated 2 weeks ago
- Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations☆21Updated 6 months ago
- ☆13Updated last month
- My personal blog about OS kernel development and security -- https://a13xp0p0v.github.io/☆9Updated 5 months ago
- SARIF Microsoft Visual Studio Code extension☆111Updated 3 weeks ago
- OWASP Foundation Web Respository☆10Updated last year
- Documentation of Semgrep: a fast, open-source, static analysis tool.☆37Updated this week
- ☆15Updated 4 years ago
- A place to systematically store software bill of materials (SBOM) documents.☆44Updated last year
- Fuzz targets for OSS-Fuzz☆23Updated 6 years ago
- CodeQL Security Queries☆21Updated this week
- Hook for the PoC for exploiting CVE-2024-32002☆15Updated 5 months ago
- Containing vulnerabilities I've discovered and maybe CVE☆17Updated last year
- OpenSSF Project Template☆17Updated 11 months ago
- The model for the information captured in SPDX version 3 standard.☆70Updated 2 weeks ago
- Semgrep extension for Visual Studio Code☆53Updated this week
- Automatic generator of YARA modules based in protocol buffers☆14Updated 2 months ago
- Open YARA scan- and search engine☆16Updated this week
- Security-focused Chaos Experiments for DevSecOps Teams☆23Updated 4 months ago
- Abusing Cloudflare Workers to establish persistence and exfiltrate sensitive data at the edge.☆12Updated 2 years ago
- Custom semgrep rules registry☆12Updated 2 years ago
- Reworked version of https://golang.org/src/crypto/tls/generate_cert.go☆10Updated last year
- Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass☆18Updated 3 years ago