Alternatives and similar repositories for sarif-vscode-extension

Users that are interested in sarif-vscode-extension are comparing it to the libraries listed below

• microsoft / sarif-tutorials
  User-friendly documentation for the SARIF file format.
  ☆340Updated 2 years ago
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆192Updated last week
• microsoft / sarif-web-component
  A React-based component for viewing SARIF files.
  ☆103Updated last year
• microsoft / OSSGadget
  Collection of tools for analyzing open source packages.
  ☆357Updated this week
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆160Updated last year
• advanced-security / secret-scanning-review-action
  Action to detect if a secret is initially detected in a pull request
  ☆19Updated this week
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆45Updated last year
• microsoft / rest-api-fuzz-testing
  REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…
  ☆265Updated 4 years ago
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆230Updated last week
• JLLeitschuh / bulk-security-pr-generator
  Generate thousands of pull requests to fix widespread security vulnerabilities across GitHub.
  ☆36Updated 8 months ago
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆140Updated 5 months ago
• google / oss-fuzz-vulns
  OSS-Fuzz vulnerabilities for OSV.
  ☆171Updated this week
• GeekMasher / ghastoolkit
  GitHub Advanced Security Python Toolkit
  ☆14Updated this week
• facebook / sapp
  Post Processor for Facebook Static Analysis Tools.
  ☆141Updated last week
• SAP / project-kb
  Home page of project "KB"
  ☆132Updated 10 months ago
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆74Updated last year
• trailofbits / it-depends
  A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…
  ☆381Updated 2 weeks ago
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆79Updated this week
• fasten-project / fasten
  Analyse package dependency networks at the call graph level
  ☆97Updated 2 years ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆81Updated last year
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆199Updated 8 months ago
• CycloneDX / cyclonedx-node-module
  creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
  ☆137Updated 2 weeks ago
• bureado / awesome-software-supply-chain-security
  A compilation of resources in the software supply chain security domain, with emphasis on open source
  ☆344Updated 2 years ago
• oracle / macaron
  Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …
  ☆186Updated this week
• advanced-security / codeql-workshops-staging
  Original workshops and staging area for new ones
  ☆16Updated 7 months ago
• owenrumney / go-sarif
  Go library for SARIF - Static Analysis Results Interchange Format
  ☆80Updated 3 months ago
• ajinabraham / libsast
  Generic SAST Library
  ☆135Updated 7 months ago
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆62Updated 8 months ago
• OWASP / www-project-benchmark
  OWASP Foundation Web Respository
  ☆19Updated last month
• google / clusterfuzzlite
  ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
  ☆519Updated 2 months ago