A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
☆98Feb 11, 2025Updated last year
Alternatives and similar repositories for OSCAR
Users that are interested in OSCAR are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Polar is a secure and scalable knowledge graph framework, designed to address the challenges posed by building big data systems in highly…☆22Updated this week
- Unofficial plugin for splitting sf metadata files☆13Apr 18, 2023Updated 2 years ago
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.☆33Apr 4, 2023Updated 3 years ago
- Hands-on Exercises for "Dangerous attack paths: Modern Development Environment Security - Devices and CI/CD pipelines"☆45Sep 19, 2022Updated 3 years ago
- A CLI that scans for sensitive data in source code☆14Mar 22, 2023Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ReviveIT (revit) is a proof of concept file recovery tool (carver)☆13Dec 3, 2020Updated 5 years ago
- Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools☆19Apr 3, 2026Updated last week
- A standard API specification for exchanging supply chain artifacts and intelligence☆106Mar 25, 2026Updated 2 weeks ago
- Scripts aiding penetration testing of Splunk Enterprise systems☆10Jan 29, 2019Updated 7 years ago
- ☆11Apr 23, 2020Updated 5 years ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆145Jan 28, 2024Updated 2 years ago
- ☆28Aug 6, 2020Updated 5 years ago
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆41Nov 21, 2021Updated 4 years ago
- A tool to generate a SBOM (Software Bill of Materials) for an installed Python module☆37Mar 13, 2026Updated 3 weeks ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Binary builds for dep-scan - The Dependency Scanner☆10Apr 1, 2024Updated 2 years ago
- Automate vulnerability triage which prioritizes remediation over discovery☆20Updated this week
- A wrapper script for https://sploitus.com to scrape query results for tools and exploits☆14Mar 3, 2019Updated 7 years ago
- Send GKE audit events to falco☆12Jan 8, 2023Updated 3 years ago
- Windows Event Log Knowledge Base☆32Dec 23, 2025Updated 3 months ago
- An always up to date collection of useful tools for your Kubernetes linting and auditing needs.☆16Updated this week
- JS/TS library to easily build valid SARIF output from your javascript based SAST tools☆18Updated this week
- Sharing software supply chain security open source projects☆54Dec 19, 2022Updated 3 years ago
- CLI tool to validate CVE v5 JSON records.☆13May 14, 2025Updated 10 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Software Supply Chain Security Platform☆388Apr 4, 2026Updated last week
- Utilities for working with vivisect☆26Oct 1, 2025Updated 6 months ago
- in-toto Attestation Framework☆328Updated this week
- Supply-chain Levels for Software Artifacts☆1,839Apr 4, 2026Updated last week
- Format agnostic SBOM tooling☆136Nov 20, 2025Updated 4 months ago
- A project to visualize the software supply chain☆58Sep 9, 2023Updated 2 years ago
- Rust implementation of SafePOSIX☆13May 13, 2025Updated 10 months ago
- Sync Airtable data☆20Feb 2, 2018Updated 8 years ago
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…☆213Mar 16, 2026Updated 3 weeks ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- A full insecure kubernetes application for testing security tools☆94Mar 28, 2026Updated 2 weeks ago
- Exploit & Vulnerability Intelligence Repository☆24Jan 20, 2025Updated last year
- A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles☆576May 20, 2025Updated 10 months ago
- A collection of packages for using GitHub security advisories in Node.js.☆18Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,472Updated this week
- Scans SBOMs for vulnerabilities with Grype☆85Apr 4, 2026Updated last week
- Remote Desktop Protocol .NET Console Application for Authenticated Command Execution☆12Jan 21, 2020Updated 6 years ago