lirantal / cwe-sdk

Related projects: ⓘ

• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 4 months ago
• Contrast-Security-OSS / safelog4j
  Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …
  ☆41Updated 3 months ago
• Contrast-Security-OSS / vulnerable-spring-boot-application
  ☆13Updated 5 months ago
• jtmelton / camas
  A zero-dependency tool for finding secrets in directories
  ☆10Updated 3 years ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆40Updated 2 years ago
• thought-machine / dracon
  Security scanning & static analysis tool
  ☆92Updated last year
• Morningstar / GoASQ
  General Open Architecture Security Questionnaire
  ☆30Updated last year
• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆42Updated 3 weeks ago
• secdec / astam-correlator
  Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…
  ☆23Updated last year
• fabric8-analytics / cvedb
  CVE database
  ☆22Updated 4 years ago
• stevespringett / cvss-calculator
  A Java library for calculating CVSSv2 and CVSSv3 scores and vectors
  ☆36Updated this week
• hakbot / hakbot-origin-controller
  Vendor-Neutral Security Tool Automation Controller (over REST)
  ☆29Updated 5 years ago
• cxai / Checkmarx-PowerTools
  A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use
  ☆14Updated 6 years ago
• victims / maven-security-versions
  Identify vulnerable libraries in Maven dependencies
  ☆45Updated last year
• OWASP / Container-Security-Verification-Standard
  Container Security Verification Standard
  ☆57Updated 5 years ago
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆48Updated this week
• omerlh / zap-operator
  ☆21Updated 4 years ago
• OWASP / Cloud-Native-Application-Security-Top-10
  ☆20Updated 5 years ago
• OpenSecuritySummit / oss2019
  Open Security Summit 2019
  ☆24Updated 3 years ago
• we45 / orchestron-community
  Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…
  ☆31Updated last year
• eclipse / jbom
  ☆110Updated 3 months ago
• OWASP / www-project-integration-standards
  OWASP Foundation Web Respository
  ☆26Updated last month
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆37Updated last year
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆138Updated 6 months ago
• DefectDojo / Burp-Plugin
  A Burp plugin to export findings to DefectDojo
  ☆29Updated 10 months ago
• synopsys-sig / tslint-angular-security
  TSLint rules for Angular
  ☆18Updated 5 years ago
• kiview / damn-vulnerable-spring-boot-app
  Spring-Boot app for demonstrating security vulnaribilities
  ☆13Updated 5 years ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆42Updated last year
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆92Updated 6 months ago
• OWASP / www-project-dependency-check
  OWASP Foundation Web Respository
  ☆13Updated 2 months ago