Alternatives and similar repositories for spdx-sbom-generator

Users that are interested in spdx-sbom-generator are comparing it to the libraries listed below

• awesomeSBOM / awesome-sbom

  View on GitHub
  A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
  ☆565May 20, 2025Updated 8 months ago
• kubernetes-sigs / bom

  View on GitHub
  A utility to generate SPDX-compliant Bill of Materials manifests
  ☆437Updated this week
• microsoft / sbom-tool

  View on GitHub
  The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
  ☆1,980Updated this week
• CycloneDX / cyclonedx-cli

  View on GitHub
  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
  ☆456Updated this week
• act-project / TAC

  View on GitHub
  Automating Compliance Tooling Project
  ☆22Jan 28, 2022Updated 4 years ago
• tern-tools / tern

  View on GitHub
  Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock…
  ☆1,016Mar 12, 2024Updated last year
• CycloneDX / cyclonedx-gomod

  View on GitHub
  Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
  ☆174Feb 6, 2026Updated last week
• openvex / vexctl

  View on GitHub
  A tool to create, transform and attest VEX metadata
  ☆173Updated this week
• interlynk-io / sbomex

  View on GitHub
  SBOM Explorer - Discover and pull public SBOMs
  ☆20May 23, 2025Updated 8 months ago
• spdx / tools-golang

  View on GitHub
  Collection of Go packages to work with SPDX files
  ☆158Jan 16, 2026Updated 3 weeks ago
• anchore / syft

  View on GitHub
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆8,362Updated this week
• interlynk-io / sbomqs

  View on GitHub
  sbomqs: The Comprehensive SBOM Quality & Compliance Tool
  ☆267Updated this week
• devops-kung-fu / bomber

  View on GitHub
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆598Updated this week
• protobom / protobom

  View on GitHub
  A universal SBOM representation in protocol buffers
  ☆315Updated this week
• CycloneDX / specification

  View on GitHub
  OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…
  ☆480Updated this week
• spdx / spdx-to-osv

  View on GitHub
  Produce an Open Source Vulnerability JSON file based on information in an SPDX document
  ☆65May 27, 2024Updated last year
• eBay / sbom-scorecard

  View on GitHub
  Generate a score for your sbom to understand if it will actually be useful.
  ☆237Aug 13, 2024Updated last year
• advanced-security / gh-sbom

  View on GitHub
  Generate SBOMs with gh CLI
  ☆199May 30, 2025Updated 8 months ago
• spdx / cdx2spdx

  View on GitHub
  Utility that converts SBOM documents from CycloneDX to SPDX
  ☆33Jan 19, 2024Updated 2 years ago
• spdx / spdx-spec

  View on GitHub
  The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.
  ☆354Updated this week
• package-url / purl-spec

  View on GitHub
  A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
  ☆968Feb 6, 2026Updated last week
• CERTCC / SBOM

  View on GitHub
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆66Apr 8, 2024Updated last year
• ckotzbauer / sbom-operator

  View on GitHub
  Catalogue all images of a Kubernetes cluster to multiple targets with Syft
  ☆220Updated this week
• guacsec / guac

  View on GitHub
  GUAC aggregates software security metadata into a high fidelity graph database.
  ☆1,446Updated this week
• philips-software / SPDXMerge

  View on GitHub
  SPDX Merge tool
  ☆50Apr 22, 2025Updated 9 months ago
• spdx / spdx-3-model

  View on GitHub
  The model for the information captured in SPDX version 3 standard.
  ☆97Updated this week
• spdx / spdx-examples

  View on GitHub
  Examples of SPDX files for software combinations
  ☆142Nov 15, 2025Updated 2 months ago
• openvex / spec

  View on GitHub
  OpenVEX Specification
  ☆167Jan 16, 2026Updated 3 weeks ago
• cdxgen / cdxgen

  View on GitHub
  Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…
  ☆897Updated this week
• nyph-infosec / daggerboard

  View on GitHub
  ☆102Sep 27, 2024Updated last year
• spdx / spdx-online-tools

  View on GitHub
  Source for the website providing online SPDX tools
  ☆71Dec 28, 2025Updated last month
• CycloneDX / sbom-utility

  View on GitHub
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆125Jan 2, 2026Updated last month
• spdx / ntia-conformance-checker

  View on GitHub
  Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.
  ☆79Feb 6, 2026Updated last week
• CycloneDX / cyclonedx-bom-repo-server

  View on GitHub
  A BOM repository server for distributing CycloneDX BOMs
  ☆87Jul 1, 2025Updated 7 months ago
• scanoss / purl2cpe

  View on GitHub
  PURL to CPE Relationship mapping project.
  ☆111Updated this week
• vmware-samples / sbom-composer

  View on GitHub
  A tool that takes two or more micro SBOMs and composes them into one distributable SBOM
  ☆23Mar 23, 2023Updated 2 years ago
• CycloneDX / cyclonedx-linux-generator

  View on GitHub
  Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions
  ☆50Dec 2, 2025Updated 2 months ago
• in-toto / in-toto

  View on GitHub
  in-toto is a framework to protect supply chain integrity.
  ☆972Feb 3, 2026Updated last week
• microsoft / component-detection

  View on GitHub
  Scans your project to determine what components you use
  ☆531Feb 7, 2026Updated last week