mitre/hipcheck

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mitre/hipcheck)

mitre / hipcheck

Automatically assess and score software repositories for supply chain risk.

☆122

Alternatives and similar repositories for hipcheck

Users that are interested in hipcheck are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

SBOM-Community / SBOM-Generation
View on GitHub
Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team
☆34Feb 2, 2026Updated last month
cybeats / sbomgen
View on GitHub
List of SBOM Generation Tools
☆30Mar 7, 2025Updated last year
ossf / security-insights
View on GitHub
Machine-readable specification for the attestation of security-relevant data.
☆73Feb 24, 2026Updated 3 weeks ago
ossf / sbom-everywhere
View on GitHub
Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
☆112Feb 28, 2026Updated 3 weeks ago
aibom-squad / AIBOM-RSA-2024
View on GitHub
AIBOM Workshop RSA 2024
☆15May 20, 2024Updated last year
Punderthings / fossfoundation
View on GitHub
Directory of non-profit FOSS Foundations, with detailed metadata.
☆26Nov 29, 2025Updated 3 months ago
OpenChain-Project / Telco-WG
View on GitHub
This is the OpenChain Telco Work Group
☆20Updated this week
bomctl / bomctl
View on GitHub
Format agnostic SBOM tooling
☆135Nov 20, 2025Updated 4 months ago
omnibor / site
View on GitHub
Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
☆21Jan 27, 2025Updated last year
anthonyharrison / lib4vex
View on GitHub
Library to ingest and generate VEX documents
☆19Mar 9, 2026Updated 2 weeks ago
ossf / scorecard-monitor
View on GitHub
Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
☆44Updated this week
CMSgov / SMA-Endpoint-Directory
View on GitHub
☆18Jul 10, 2025Updated 8 months ago
GSA / open-source-policy
View on GitHub
GSA open source policy guidance repository with official policy found at
☆14Oct 2, 2018Updated 7 years ago
cisagov / vulnrichment
View on GitHub
A repo to conduct vulnerability enrichment.
☆742Updated this week
llnl / scraper
View on GitHub
Python library for getting metadata from source code hosting tools
☆55Jan 26, 2026Updated last month
mystak23 / Sentinel_Deployment
View on GitHub
Automatic Microsoft Sentinel Deployment
☆16Apr 1, 2025Updated 11 months ago
transparencylog / tl
View on GitHub
verify https assets with a public transparency log
☆75Oct 28, 2021Updated 4 years ago
AevaOnline / supply-chain-synthesis
View on GitHub
Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.
☆33Apr 4, 2023Updated 2 years ago
eBay / sbom-scorecard
View on GitHub
Generate a score for your sbom to understand if it will actually be useful.
☆239Aug 13, 2024Updated last year
interlynk-io / sbomex
View on GitHub
SBOM Explorer - Discover and pull public SBOMs
☆20May 23, 2025Updated 10 months ago
ossf / security-reviews
View on GitHub
A community collection of security reviews of open source software components.
☆98Feb 29, 2024Updated 2 years ago
swinslow / cmake-spdx
View on GitHub
Create SPDX documents automatically with CMake build info
☆32May 2, 2021Updated 4 years ago
interlynk-io / sbomgr
View on GitHub
SBOM Search - Context aware search in SBOM repositories
☆30Nov 24, 2025Updated 3 months ago
spdx / ntia-conformance-checker
View on GitHub
Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.
☆84Mar 17, 2026Updated last week
hackebrot / go-librariesio
View on GitHub
API client for libraries.io written in Go
☆11Jun 7, 2017Updated 8 years ago
ossf / ai-ml-security
View on GitHub
Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
☆156Dec 19, 2025Updated 3 months ago
microsoft / OSSGadget
View on GitHub
Collection of tools for analyzing open source packages.
☆358Mar 9, 2026Updated 2 weeks ago
publiccodenet / publiccode.yml
View on GitHub
A metadata description standard for public software and policy repositories
☆19Jan 8, 2019Updated 7 years ago
benbalter / coconductor
View on GitHub
A work-in-progress code of conduct detector based off Licensee
☆15Nov 28, 2022Updated 3 years ago
rothgar / k
View on GitHub
Experimental wrapper for kubectl
☆22Updated this week
Rhosys / soc2.fyi
View on GitHub
SOC 2 should be easy to get done and it should be inexpensive. Here's everything you wanted to know.
☆53Mar 4, 2026Updated 2 weeks ago
ossf / tac
View on GitHub
Technical Advisory Council
☆136Updated this week
swhid / specification
View on GitHub
Specification of the SWHID identifier
☆15Dec 14, 2025Updated 3 months ago
CycloneDX / transparency-exchange-api
View on GitHub
A standard API specification for exchanging supply chain artifacts and intelligence
☆103Mar 13, 2026Updated last week
IBM / CBOM
View on GitHub
Cryptography Bill of Materials
☆101Sep 17, 2025Updated 6 months ago
alilleybrinker / cargo-spdx
View on GitHub
Generate an SPDX Software Bill of Materials for Rust crates.
☆20Aug 10, 2022Updated 3 years ago
RReverser / serde-ndim
View on GitHub
Serde support for n-dimensional arrays from self-describing formats
☆11Dec 28, 2025Updated 2 months ago
caarlos0 / go-sshagent
View on GitHub
A simple SSH Agent implementation, written in Go, mainly to be used within tests.
☆17Jan 13, 2026Updated 2 months ago
deislabs / image-layer-provenance
View on GitHub
Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.
☆45Oct 30, 2023Updated 2 years ago