microsoft / bandit-sarif-formatter

Related projects: ⓘ

• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆65Updated 2 weeks ago
• anthonyharrison / sbom4python
  A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
  ☆25Updated 3 weeks ago
• CycloneDX / cyclonedx-python-lib
  Python implementation of OWASP CycloneDX
  ☆66Updated this week
• RedHatProductSecurity / cvss
  CVSS2/3/4 library with interactive calculator for Python 2 and Python 3
  ☆81Updated this week
• twu / skjold
  Security audit Python project dependencies against security advisory databases.
  ☆64Updated 2 weeks ago
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆39Updated 5 months ago
• illikainen / ossaudit
  Audit python packages for known vulnerabilities
  ☆28Updated 2 years ago
• sigstore / sigstore-python
  A Sigstore client written in Python
  ☆220Updated this week
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆92Updated 6 months ago
• pypa / gh-action-pip-audit
  A GitHub Action for pip-audit
  ☆66Updated last month
• OWASP / www-project-benchmark
  OWASP Foundation Web Respository
  ☆17Updated 4 months ago
• snyk / faker-security
  Python Faker provider for security related data
  ☆35Updated last month
• spdx / tools-python
  A Python library to parse, validate and create SPDX documents.
  ☆178Updated 3 weeks ago
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated 5 months ago
• madpah / vexy
  Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents
  ☆19Updated last year
• GeekMasher / security-codeql
  CodeQL Security Queries
  ☆19Updated last week
• anthonyharrison / lib4sbom
  Library to ingest and generate SBOMs
  ☆16Updated 3 weeks ago
• pypa / advisory-database
  Advisory database for Python packages published on pypi.org
  ☆251Updated this week
• sigstore / gh-action-sigstore-python
  A GitHub Action for sigstore-python
  ☆45Updated last month
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆176Updated this week
• aboutcode-org / univers
  Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs…
  ☆30Updated last month
• duo-labs / narrow
  Low-effort reachability analysis for third-party code vulnerabilities.
  ☆19Updated last year
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆69Updated this week
• facebook / sapp
  Post Processor for Facebook Static Analysis Tools.
  ☆129Updated this week
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆42Updated last year
• pypi / inspector
  🕵️ File browser for distributions on PyPI
  ☆80Updated 3 months ago
• psf / advisory-database
  This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)
  ☆25Updated last week
• ossf / alpha-omega
  Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
  ☆79Updated last week
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆133Updated 5 months ago
• semgrep / semgrep-vscode
  Semgrep extension for Visual Studio Code
  ☆53Updated last week