ossf / cve-bin-toolLinks
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
☆1,621Updated last week
Alternatives and similar repositories for cve-bin-tool
Users that are interested in cve-bin-tool are comparing it to the libraries listed below
Sorting:
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp…☆645Updated this week
- Open Source Package Analysis☆863Updated 9 months ago
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023☆1,492Updated 8 months ago
- Open source vulnerability DB and triage service.☆2,475Updated this week
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆966Updated this week
- a static analysis tool for finding vulnerabilities in C/C++ source code☆560Updated last year
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI.☆519Updated 2 months ago
- Firmware Analysis and Comparison Tool☆1,416Updated last week
- A tool for checking the security hardening options of the Linux kernel☆2,038Updated last month
- cwe_checker finds vulnerable patterns in binary executables☆1,315Updated 10 months ago
- EMBA - The firmware security analyzer☆3,353Updated this week
- IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly foun…☆860Updated 4 months ago
- Global Security Database☆318Updated last year
- This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-…☆4,346Updated this week
- EMBArk - The firmware security scanning environment☆373Updated 3 weeks ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆449Updated this week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,072Updated this week
- An open source threat modeling tool from OWASP☆1,310Updated this week
- A fork and successor of the Sulley Fuzzing Framework☆2,308Updated last month
- A repo to conduct vulnerability enrichment.☆718Updated this week
- A collection of my Semgrep rules to facilitate vulnerability research.☆779Updated 2 weeks ago
- Binary Analysis Next Generation (BANG)☆517Updated 3 weeks ago
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endo…☆202Updated this week
- cve-search - a tool to perform local searches for known vulnerabilities☆2,584Updated last month
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,205Updated 2 weeks ago
- Resources related to GitHub Security Lab☆1,578Updated 2 months ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆597Updated 10 months ago
- Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.☆2,134Updated this week
- BinAbsInspector: Vulnerability Scanner for Binaries☆1,671Updated last year
- LLM powered fuzzing via OSS-Fuzz.☆1,353Updated last week