microsoft / sarif-python-om
Python classes for the SARIF object model
☆41Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for sarif-python-om
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆71Updated 3 weeks ago
- SARIF Microsoft Visual Studio Code extension☆111Updated last month
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆141Updated 8 months ago
- User-friendly documentation for the SARIF file format.☆283Updated 11 months ago
- PURL to CPE Relationship mapping project.☆78Updated this week
- OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues☆169Updated last week
- Open Source Vulnerability schema.☆185Updated this week
- A community collection of security reviews of open source software components.☆92Updated 8 months ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆48Updated this week
- OSS-Fuzz vulnerabilities for OSV.☆133Updated this week
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆71Updated 3 weeks ago
- Collection of tools for analyzing open source packages.☆317Updated last week
- The model for the information captured in SPDX version 3 standard.☆71Updated this week
- A set of Python command line tools for working with SARIF files produced by code analysis tools☆91Updated this week
- SCANOSS Open Source Inventory Engine☆35Updated 2 months ago
- A Python library and command line interface for CVE Services.☆58Updated 3 weeks ago
- A place to systematically store software bill of materials (SBOM) documents.☆44Updated last year
- Home page of project "KB"☆113Updated 3 weeks ago
- Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.☆84Updated 2 weeks ago
- A report formatter for Bandit (a Python security analyzer) that produces output in the SARIF format.☆18Updated last year
- Feed parsing for language package manager updates☆71Updated last week
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆57Updated 7 months ago
- Post Processor for Facebook Static Analysis Tools.☆133Updated this week
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆140Updated this week
- ☆80Updated this week
- A fork of Bandit tool with patterns to identifying malicious python code.☆22Updated 2 years ago
- Go library for sarif - Static Analysis Results Interchange Format☆66Updated 3 months ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆29Updated 10 months ago
- The heart & core of Privado code scanner☆28Updated last month
- Report missing advisories and corrections on OSS Index☆17Updated last year