Protect against malicious open source packages π€
β966Mar 5, 2026Updated this week
Alternatives and similar repositories for vet
Users that are interested in vet are comparing it to the libraries listed below
Sorting:
- Reference architecture and proof of concept implementation for supply chain security gatewayβ23Apr 1, 2023Updated 2 years ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assetsβ833Mar 28, 2025Updated 11 months ago
- A universal SBOM representation in protocol buffersβ320Mar 2, 2026Updated last week
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ229Feb 25, 2026Updated 2 weeks ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact proβ¦β518Mar 5, 2026Updated last week
- Generate a score for your sbom to understand if it will actually be useful.β239Aug 13, 2024Updated last year
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.β2,590Updated this week
- A vulnerability scanner for container images and filesystemsβ11,680Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.devβ8,529Updated this week
- Enrich SBOMs with data from third party servicesβ220Feb 11, 2026Updated last month
- boostsecurityio/poutineβ373Feb 23, 2026Updated 2 weeks ago
- π Static code analysis engine to find security issues in code.β2,212Updated this week
- Automation tool for Windows Deception Host Burn-Inβ86Dec 4, 2024Updated last year
- Software Supply Chain Security Platformβ377Updated this week
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on pβ¦β5,431Nov 18, 2025Updated 3 months ago
- GitHub App to set and enforce security policiesβ1,393Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilitβ¦β467Mar 4, 2026Updated last week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,β¦β144Jan 28, 2024Updated 2 years ago
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmβ¦β769Dec 11, 2024Updated last year
- Chalk allows you to follow code from development, through builds and into production.β419Updated this week
- 𧡠CLI tool for directly patching container images!β1,552Updated this week
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, anβ¦β979Feb 28, 2026Updated last week
- Permiso Security has created a tool to query snowflake environments for evidence of compromise, based on indicators from Permiso and the β¦β74Jun 21, 2024Updated last year
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this β¦β125Sep 23, 2025Updated 5 months ago
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or artβ¦β69Nov 27, 2025Updated 3 months ago
- Live validation proxy tool for testing web app vulnerabilitiesβ832Feb 14, 2026Updated 3 weeks ago
- vexctl is a tool to attest VEX impact statementsβ45Mar 27, 2023Updated 2 years ago
- β69Jul 18, 2025Updated 7 months ago
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Spβ¦β647Mar 4, 2026Updated last week
- #supply #chain #attack #detectionβ646Mar 3, 2026Updated last week
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. β¦β69Jun 25, 2025Updated 8 months ago
- β86Feb 4, 2026Updated last month
- π΄π‘π’ The Amazing Multipurpose Policy Engine (and L)β39Mar 2, 2026Updated last week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystemsβ8,464Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilitiesβ605Feb 10, 2026Updated last month
- SBOM Search - Context aware search in SBOM repositoriesβ29Nov 24, 2025Updated 3 months ago
- OpenSSF Scorecard - Security health metrics for Open Sourceβ5,290Mar 5, 2026Updated last week
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such β¦β235Feb 6, 2025Updated last year
- Open source templates you can use to bootstrap your security programsβ892Dec 28, 2025Updated 2 months ago