OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
☆1,211 Mar 7, 2026 Updated this week
Alternatives and similar repositories for dep-scan
Users that are interested in dep-scan are comparing it to the libraries listed below
- blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-o… ☆434 Feb 5, 2026 Updated last month
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers… ☆138 Mar 3, 2026 Updated last week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆869 Sep 1, 2023 Updated 2 years ago
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… ☆912 Updated this week
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp… ☆3,631 Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆605 Feb 10, 2026 Updated last month
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp… ☆647 Updated this week
- Binary builds for dep-scan - The Dependency Scanner ☆10 Apr 1, 2024 Updated last year
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen. ☆85 Mar 3, 2026 Updated last week
- A vulnerability scanner for container images and filesystems ☆11,680 Updated this week
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM ☆4,561 Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆8,529 Updated this week
- Utility that provides an API platform for validating, querying and managing BOM data ☆128 Jan 2, 2026 Updated 2 months ago
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more ☆32,947 Updated this week
- Open source vulnerability DB and triage service. ☆2,509 Updated this week
- OXO is a security scanning orchestrator for the modern age. ☆563 Updated this week
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks. ☆2,590 Updated this week
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via E… ☆8,503 Nov 16, 2025 Updated 3 months ago
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. ☆2,209 Updated this week
- Open Source Vulnerability Management Platform ☆6,290 Feb 13, 2026 Updated 3 weeks ago
- 🔎 Static code analysis engine to find security issues in code. ☆2,212 Updated this week
- A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles ☆571 May 20, 2025 Updated 9 months ago
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen… ☆7,452 Updated this week
- CIS Benchmark testing of Windows SIEM configuration ☆45 May 25, 2023 Updated 2 years ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl… ☆27,300 Mar 2, 2026 Updated last week
- Multi-Cloud Security Auditing Tool ☆7,562 Sep 23, 2025 Updated 5 months ago
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,450 Updated this week
- Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning. ☆1,021 Mar 21, 2025 Updated 11 months ago
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec. ☆2,441 Jun 11, 2025 Updated 9 months ago
- Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management ☆4,870 Updated this week
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre… ☆692 Jan 6, 2026 Updated 2 months ago
- Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface. ☆1,115 Updated this week
- Open Source Cloud Native Application Protection Platform (CNAPP) ☆5,235 Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. ☆14,350 Updated this week
- A universal SBOM representation in protocol buffers ☆320 Mar 2, 2026 Updated last week
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D… ☆150 Sep 4, 2020 Updated 5 years ago
- Agile Threat Modeling Toolkit ☆735 Nov 20, 2025 Updated 3 months ago
- OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure ☆1,453 Updated this week
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects ☆970 Dec 8, 2021 Updated 4 years ago