jeremylong / DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
☆6,308Updated this week
Related projects: ⓘ
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆2,582Updated this week
- The ZAP core project☆12,501Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,260Updated last month
- Vulnerability Static Analysis for Containers☆10,265Updated this week
- A vulnerability scanner for container images and filesystems☆8,492Updated this week
- An enterprise friendly way of detecting and preventing secrets in code.☆3,737Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆22,901Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆6,015Updated this week
- The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…☆9,060Updated 4 months ago
- Find, verify, and analyze leaked credentials☆15,668Updated this week
- SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.☆3,458Updated this week
- DevSecOps, ASPM, Vulnerability Management. All on one platform.☆3,605Updated this week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆7,648Updated 5 months ago
- Integrates Dependency-Check reports into SonarQube☆589Updated this week
- Testing TLS/SSL encryption anywhere on any port☆7,885Updated last week
- Protect and discover secrets using Gitleaks 🔑☆17,413Updated this week
- Cloud Native Runtime Security☆7,252Updated this week
- Snyk CLI scans and monitors your projects for security vulnerabilities.☆4,895Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆10,392Updated this week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,263Updated 2 weeks ago
- Fast and powerful SSL/TLS scanning library.☆3,232Updated last month
- Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices☆10,907Updated this week
- Open Source Vulnerability Management Platform☆4,871Updated last week
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…☆1,890Updated 2 months ago
- Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with h…☆8,203Updated this week
- Hunt for security weaknesses in Kubernetes clusters☆4,715Updated 6 months ago
- sslscan tests SSL/TLS enabled services to discover supported cipher suites☆2,292Updated this week
- This repository contains the scanner component for Greenbone Community Edition.☆3,249Updated this week
- w3af: web application attack and audit framework, the open source web vulnerability scanner.☆4,527Updated last year
- OpenSSF Scorecard - Security health metrics for Open Source☆4,404Updated this week