Alternatives and similar repositories for packj

Users that are interested in packj are comparing it to the libraries listed below

• DataDog / guarddog
  GuardDog is a CLI tool to Identify malicious PyPI and npm packages
  ☆879Updated 2 weeks ago
• SourceCode-AI / aura
  Python source code auditing and static analysis on a large scale
  ☆494Updated 2 years ago
• CycodeLabs / raven
  CI/CD Security Analyzer
  ☆726Updated 9 months ago
• ossf / package-analysis
  Open Source Package Analysis
  ☆857Updated 8 months ago
• trailofbits / it-depends
  A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…
  ☆378Updated this week
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆347Updated 3 weeks ago
• ossf / malicious-packages
  A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
  ☆425Updated last week
• rusty-ferris-club / shellclear
  Secure shell history commands by finding sensitive data
  ☆225Updated 2 years ago
• aboutcode-org / vulnerablecode
  A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp…
  ☆641Updated this week
• xeol-io / xeol
  A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
  ☆424Updated last week
• gittuf / gittuf
  A security layer for Git repositories
  ☆563Updated this week
• devops-kung-fu / bomber
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆596Updated 8 months ago
• pypa / pip-audit
  Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them
  ☆1,156Updated last week
• DataDog / malicious-software-packages-dataset
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆268Updated last week
• Legit-Labs / legitify
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆824Updated 8 months ago
• pypa / advisory-database
  Advisory database for Python packages published on pypi.org
  ☆312Updated this week
• owasp-change / owasp-change.github.io
  An Open Letter to the OWASP Board
  ☆107Updated 2 years ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆80Updated last year
• matusf / openapi-fuzzer
  Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!
  ☆575Updated last year
• godaddy / tartufo
  Searches through git repositories for high entropy strings and secrets, digging deep into commit history
  ☆509Updated this week
• step-security / harden-runner
  Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…
  ☆927Updated last week
• crashappsec / chalk
  Chalk allows you to follow code from development, through builds and into production.
  ☆415Updated last week
• chainguard-dev / malcontent
  #supply #chain #attack #detection
  ☆629Updated this week
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆217Updated last week
• google / clusterfuzzlite
  ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
  ☆512Updated 2 weeks ago
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆105Updated this week
• arnica-ext / GitGoat
  GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…
  ☆170Updated 10 months ago
• ossf / wg-securing-critical-projects
  Helping allocate resources to secure the critical open source projects we all depend on.
  ☆378Updated 7 months ago
• vendorsec / mvsp
  Minimum Viable Secure Product mvsp.dev
  ☆204Updated last year
• IBM / import-tracker
  Python utility for tracking third party dependencies within a library
  ☆464Updated this week