microsoft / sarif-python-om
Python classes for the SARIF object model
☆42Updated 9 months ago
Alternatives and similar repositories for sarif-python-om:
Users that are interested in sarif-python-om are comparing it to the libraries listed below
- SARIF Microsoft Visual Studio Code extension☆113Updated 2 months ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆73Updated last month
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆141Updated 10 months ago
- OSS-Fuzz vulnerabilities for OSV.☆143Updated this week
- A set of Python command line tools for working with SARIF files produced by code analysis tools☆95Updated last week
- User-friendly documentation for the SARIF file format.☆289Updated last year
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.☆111Updated last year
- Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs…☆32Updated 3 months ago
- A Python library and command line interface for CVE Services.☆61Updated last month
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆72Updated 2 months ago
- Collection of tools for analyzing open source packages.☆326Updated last week
- The model for the information captured in SPDX version 3 standard.☆73Updated this week
- Exploit Prediction Scoring System (EPSS)☆24Updated 2 years ago
- Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.☆87Updated this week
- OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues☆172Updated last week
- A community collection of security reviews of open source software components.☆92Updated 10 months ago
- Open Source Vulnerability schema.☆189Updated last week
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆103Updated 3 weeks ago
- Post Processor for Facebook Static Analysis Tools.☆134Updated last week
- Mayhem example templates for programming languages and fuzzers that you love!☆28Updated last year
- CodeQL queries developed by Trail of Bits☆83Updated last month
- A place to systematically store software bill of materials (SBOM) documents.☆44Updated last year
- Home page of project "KB"☆116Updated last month
- This project is deprecated. Use https://github.com/returntocorp/semgrep instead☆73Updated 9 months ago
- PURL to CPE Relationship mapping project.☆82Updated this week
- Produce an Open Source Vulnerability JSON file based on information in an SPDX document☆62Updated 7 months ago
- CredData is a set of files including credentials in open source projects. CredData includes suspicious lines with manual review results a…☆31Updated this week
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆171Updated this week
- A React-based component for viewing SARIF files.☆88Updated 2 months ago
- Fuzz Introspector -- introspect, extend and optimise fuzzers☆391Updated this week