owenrumney / go-sarifLinks
Go library for SARIF - Static Analysis Results Interchange Format
β79Updated this week
Alternatives and similar repositories for go-sarif
Users that are interested in go-sarif are comparing it to the libraries listed below
Sorting:
- π° Static taint analysis for Go programs.β65Updated 2 weeks ago
- Creates CycloneDX Software Bill of Materials (SBOM) from Go modulesβ156Updated this week
- Dependency Parser for Multiple Programming Languagesβ148Updated last year
- A Server Side Request Forgery (SSRF) protection library. Made with π€ by Doyensec LLC.β102Updated 3 weeks ago
- Go implementation of the package url specβ62Updated 3 months ago
- β108Updated 10 months ago
- Reliable project licenses detector.β136Updated last year
- SARIF Microsoft Visual Studio Code extensionβ117Updated 2 weeks ago
- Go library to consume and produce CycloneDX Software Bill of Materials (SBOM)β89Updated 2 weeks ago
- β195Updated 2 years ago
- Open Source Vulnerability schema.β202Updated last month
- β57Updated 3 years ago
- Collection of Go packages to work with SPDX filesβ145Updated last week
- go library for processing container images and simulating a squash filesystemβ98Updated this week
- β¨π CNCF Fuzzersβ125Updated last month
- Go rules for semgrep and go-ruleguardβ472Updated 7 months ago
- Common Vulnerability Scoring System (CVSS)β25Updated last year
- Intentionally vulnerable Go web app.β43Updated last month
- Automatic fuzz targets generation for Golang packagesβ53Updated 5 months ago
- Go module to generate and transform VEX documentsβ43Updated last week
- Go Taint CHeck Analyserβ43Updated 6 years ago
- Auto-gen Go fuzzing wrappers from normal code. Finds buggy call sequences, including data races & deadlocks. Supports rich signature typeβ¦β108Updated 11 months ago
- A Go library for CPE (A Common Platform Enumeration 2.3)β37Updated 2 years ago
- Static Analysis Library for Containersβ198Updated 2 years ago
- Securing Alice's, Bob's and Carl's software supply chain using in-totoβ93Updated 2 weeks ago
- A lightweight CLI tool that finds system calls being called inside golang applications.β31Updated 3 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebasβ¦β145Updated last year
- Tool for collecting vulnerability data from various sources (used to build the grype database)β99Updated this week
- Static code analysis tool to find unsafe usages in Go packages and their dependenciesβ44Updated 4 years ago
- Reports on the licenses used by a Go package and its dependencies.β10Updated 11 months ago