microsoft / sarif-python-om

Related projects ⓘ

Alternatives and complementary repositories for sarif-python-om

• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆71Updated 3 weeks ago
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆111Updated last month
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆141Updated 8 months ago
• microsoft / sarif-tutorials
  User-friendly documentation for the SARIF file format.
  ☆283Updated 11 months ago
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆78Updated this week
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆169Updated last week
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆185Updated this week
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆92Updated 8 months ago
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆48Updated this week
• google / oss-fuzz-vulns
  OSS-Fuzz vulnerabilities for OSV.
  ☆133Updated this week
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆71Updated 3 weeks ago
• microsoft / OSSGadget
  Collection of tools for analyzing open source packages.
  ☆317Updated last week
• spdx / spdx-3-model
  The model for the information captured in SPDX version 3 standard.
  ☆71Updated this week
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆91Updated this week
• scanoss / engine
  SCANOSS Open Source Inventory Engine
  ☆35Updated 2 months ago
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆58Updated 3 weeks ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆44Updated last year
• SAP / project-kb
  Home page of project "KB"
  ☆113Updated 3 weeks ago
• ossf / alpha-omega
  Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
  ☆84Updated 2 weeks ago
• microsoft / bandit-sarif-formatter
  A report formatter for Bandit (a Python security analyzer) that produces output in the SARIF format.
  ☆18Updated last year
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆71Updated last week
• CERTCC / SBOM
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆57Updated 7 months ago
• facebook / sapp
  Post Processor for Facebook Static Analysis Tools.
  ☆133Updated this week
• DataDog / malicious-software-packages-dataset
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆140Updated this week
• OWASP / OpenCRE
  ☆80Updated this week
• lyvd / bandit4mal
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆22Updated 2 years ago
• owenrumney / go-sarif
  Go library for sarif - Static Analysis Results Interchange Format
  ☆66Updated 3 months ago
• spdx / cdx2spdx
  Utility that converts SBOM documents from CycloneDX to SPDX
  ☆29Updated 10 months ago
• Privado-Inc / privado-core
  The heart & core of Privado code scanner
  ☆28Updated last month
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated last year