owenrumney / go-sarif

Related projects ⓘ

Alternatives and complementary repositories for go-sarif

• picatz / taint
  🚰 Static taint analysis for Go programs.
  ☆57Updated 3 months ago
• CycloneDX / cyclonedx-gomod
  Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
  ☆136Updated this week
• package-url / packageurl-go
  Go implementation of the package url spec
  ☆54Updated 3 months ago
• doyensec / safeurl
  A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.
  ☆93Updated 6 months ago
• pjbgf-archives / gosystract
  A lightweight CLI tool that finds system calls being called inside golang applications.
  ☆31Updated 3 years ago
• aquasecurity / go-dep-parser
  Dependency Parser for Multiple Programming Languages
  ☆146Updated 5 months ago
• CycloneDX / cyclonedx-go
  Go library to consume and produce CycloneDX Software Bill of Materials (SBOM)
  ☆79Updated last week
• AdaLogics / go-fuzz-headers
  ☆94Updated 3 months ago
• slsa-framework / slsa-github-generator-go
  ☆56Updated 2 years ago
• google / go-flow-levee
  ☆194Updated 2 years ago
• catenacyber / ngolo-fuzzing
  Automatic fuzz targets generation for Golang packages
  ☆53Updated 4 months ago
• google / osv-scalibr
  ☆95Updated this week
• knqyf263 / go-deb-version
  A golang library for parsing deb package versions
  ☆36Updated this week
• Contrast-Security-OSS / go-test-bench
  Intentionally vulnerable Go web app.
  ☆42Updated 11 months ago
• jlauinger / go-geiger
  Static code analysis tool to find unsafe usages in Go packages and their dependencies
  ☆41Updated 4 years ago
• thepudds / fzgo
  fzgo is a prototype of "make fuzzing a first class citizen" in the go command. Supports rich signatures & generating fuzz functions.
  ☆112Updated 2 years ago
• in-toto / in-toto-golang
  A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
  ☆131Updated last week
• goark / go-cvss
  Common Vulnerability Scoring System (CVSS)
  ☆24Updated 8 months ago
• chainguard-dev / justtrustme
  ☆51Updated 8 months ago
• cncf / cncf-fuzzing
  ✨🔐 CNCF Fuzzers
  ☆113Updated this week
• ancat / hypercam
  A tool for interacting with live processes/containers
  ☆22Updated 2 years ago
• akwick / gotcha
  Go Taint CHeck Analyser
  ☆44Updated 5 years ago
• go-enry / go-license-detector
  Reliable project licenses detector.
  ☆131Updated 5 months ago
• aquasecurity / cfsec
  Static analysis for CloudFormation templates to identify common misconfiguration
  ☆58Updated 2 years ago
• aquasecurity / fanal
  Static Analysis Library for Containers
  ☆199Updated last year
• thepudds / fzgen
  Auto-gen Go fuzzing wrappers from normal code. Finds buggy call sequences, including data races & deadlocks. Supports rich signature type…
  ☆105Updated 3 months ago
• ozonru / cyclonedx-go
  Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with DependencyTrack to monitor security issues i…
  ☆21Updated 4 years ago
• creekorful / mvnparser
  Go parser for maven Project Object Model (POM) file
  ☆23Updated 2 years ago
• sigstore / sigstore-go
  Go library for Sigstore signing and verification
  ☆48Updated this week
• knqyf263 / go-cpe
  A Go library for CPE (A Common Platform Enumeration 2.3)
  ☆34Updated last year