A community collection of security reviews of open source software components.
☆97Feb 29, 2024Updated 2 years ago
Alternatives and similar repositories for security-reviews
Users that are interested in security-reviews are comparing it to the libraries listed below
Sorting:
- Collect, curate, and communicate relevant security metrics for open source projects.☆63Mar 13, 2024Updated last year
- The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed co…☆223Apr 23, 2024Updated last year
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…☆213Feb 4, 2026Updated 3 weeks ago
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …☆197Jan 15, 2026Updated last month
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆135Nov 15, 2025Updated 3 months ago
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…☆992Feb 24, 2026Updated last week
- OpenSSF Security Tooling Working Group☆320Jul 6, 2025Updated 7 months ago
- Knative common scripts.☆24Feb 12, 2026Updated 2 weeks ago
- Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)☆199Dec 22, 2025Updated 2 months ago
- A TUF repository and signing tool☆43Feb 24, 2026Updated last week
- ☆10May 12, 2022Updated 3 years ago
- Website and API for OpenSSF Scorecard☆28Feb 20, 2026Updated last week
- Machine-readable specification for the attestation of security-relevant data.☆72Feb 24, 2026Updated last week
- Helping allocate resources to secure the critical open source projects we all depend on.☆387May 8, 2025Updated 9 months ago
- Supply Chain Integrity Model☆106Jun 12, 2023Updated 2 years ago
- List your tfsec issues in the QuickFix window with this plugin.☆12May 16, 2022Updated 3 years ago
- Daily updated malware indicator lists from TR-CERT (USOM), including parsed malicious URLs, IPs, and domains.☆15Updated this week
- AWS container security survey 2020☆11Dec 2, 2020Updated 5 years ago
- ☆13Updated this week
- Enable Falco to read audit logs from EKS☆11Dec 13, 2020Updated 5 years ago
- OpenDXL Console is a high-level web-based console for interacting with a DXL fabric☆11Mar 29, 2021Updated 4 years ago
- ☆11Dec 18, 2020Updated 5 years ago
- Burp Enterprise Toolkit☆12Feb 25, 2022Updated 4 years ago
- Collection of tools for analyzing open source packages.☆357Feb 24, 2026Updated last week
- Script for applied security baseline controls in RedHat/CentOS.☆12Jun 30, 2025Updated 8 months ago
- A configurable and flexible admission controller toolkit for Kubernetes built in Go and extensible with Go.☆13Sep 29, 2023Updated 2 years ago
- Repository of Vagrant images created by Continuum Analytics https://atlas.hashicorp.com/continuumio/☆11Aug 14, 2024Updated last year
- Yet Another SCA tool☆13Nov 10, 2022Updated 3 years ago
- Kubernetes tools in a "distroless" container☆13Oct 30, 2023Updated 2 years ago
- A tool for the lazy OSINTer that focuses on discovery of subdomains related to a specific domain. The tool will run for free in Google Ap…☆12Mar 4, 2021Updated 4 years ago
- 🖼 imgify - Convert any file to PNG and back.☆13Oct 20, 2025Updated 4 months ago
- The public key cryptography framework☆11Oct 31, 2017Updated 8 years ago
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated last year
- SLSA level 3 action☆11Apr 26, 2024Updated last year
- Supply Chain Query Tool☆13May 25, 2022Updated 3 years ago
- ☆29Jan 31, 2025Updated last year
- Open Source Vulnerability schema.☆235Feb 20, 2026Updated last week
- A very vulnerable implementation of a GraphQL API.☆17Feb 12, 2026Updated 2 weeks ago
- #️⃣ 🕸️ 👤 HTTP Headers Hashing☆13Aug 27, 2023Updated 2 years ago