Semantic SBOM/CBOM diff, quality scoring, and TUI analysis tool for CycloneDX/SPDX — covering component changes, dependency shifts, license conflicts, vulnerabilities, cryptographic inventory grading, and PQC compliance (CNSA 2.0, NIST IR 8547).
☆232Jul 13, 2026Updated this week
Alternatives and similar repositories for sbom-tools
Users that are interested in sbom-tools are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Repository of AI skills specific to CycloneDX☆31Apr 16, 2026Updated 3 months ago
- Vulnerability detection framework by Binarly's REsearch team☆853Updated this week
- Noradrenaline is a collection of high-performance post-exploitation shared libraries designed for native execution on macOS and Linux end…☆29Jul 6, 2026Updated last week
- A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.☆163Updated this week
- Curated resources for the EU Cyber Resilience Act (Regulation 2024/2847): regulation, harmonised standards, EUCC, SBOM, vulnerability man…☆40May 25, 2026Updated last month
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- AI Guided Hybrid Application Static Testing☆76Updated this week
- A curated list of Ransomware resources☆41May 11, 2026Updated 2 months ago
- SymRustC is a hybrid fuzzer for Rust combining concolic execution using SymCC and fuzzing using LibAFL.☆11Jun 28, 2023Updated 3 years ago
- GitHub Action to alert on security patches before the CVE drops.☆215Jul 5, 2026Updated last week
- An query language and interactive tooling to work with SBOM data.☆15Oct 7, 2024Updated last year
- DevSecOps for the AI-era CI/CD pipeline. Catches the bugs your AI coding assistant introduces — before they reach production.☆20Updated this week
- Fuzzers implemented with libafl to evaluate several techniques on fuzzbench☆12Oct 10, 2024Updated last year
- A CI/CD Red Team Framework for demonstrating Build Pipeline security risks.☆368Jun 27, 2026Updated 2 weeks ago
- Library for manipulating gdb in batch mode☆21Mar 10, 2024Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆55Jun 13, 2026Updated last month
- yet another... tui file manager with a touch of neovim like buffers and modal editing☆17Updated this week
- Helping defenders learn and validate npm supply-chain detections with safe atomic tests.☆34Oct 30, 2025Updated 8 months ago
- Sydr benchmark applications☆16Jul 25, 2022Updated 3 years ago
- Curated Linux LPE corpus — 28 modules from 2016 to 2026, with detection rules. One command, safest-first root: skeletonkey --auto --i-kno…☆16Updated this week
- Tailscale/Headscale C2 profile and agent for Mythic☆25Mar 14, 2026Updated 4 months ago
- Built-In zellij user interfaces☆15May 19, 2024Updated 2 years ago
- Validate SPDX 2 and 3 SBOM against NTIA, CISA, and other minimum element requirements.☆89Jul 6, 2026Updated last week
- MCP to help Defenders Detection Engineer Harder and Smarter☆462Jun 16, 2026Updated last month
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x’s idalib☆291Jun 15, 2026Updated last month
- Code canaries to quickly triage hallucinated ('slop') vulnerability reports☆95May 20, 2026Updated last month
- Tool for visualizing the Open SSF Scorecard Api data in a human friendly way☆19Jun 22, 2026Updated 3 weeks ago
- A Weather CLI Build with Rust to utilize OpenWeatherMap API to give you real-time weather reports☆11Nov 7, 2024Updated last year
- ☆13Apr 24, 2023Updated 3 years ago
- A comprehensive framework for analyzing and defending against attacks targeting Software Development Life Cycle Infrastructure.☆172Updated this week
- AWS audits, without screenshots☆42Jun 23, 2026Updated 3 weeks ago
- tool for checking potential dependency confusion☆39Jul 5, 2025Updated last year
- Fuzzing Lua runtimes without pain☆15Updated this week
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Browser extension blocking scam and phishing pages https://chromewebstore.google.com/detail/nehboro/ljgklnaofelbcnegjniagpmjknkmaiom☆15Apr 22, 2026Updated 2 months ago
- 🛡️ Dependency cooldowns are cool!☆79Jun 29, 2026Updated 2 weeks ago
- A VS Code/Cursor extension capable of performing realtime security monitoring from inside the IDE☆117Jul 6, 2026Updated last week
- Modular OSINT and attack surface analysis platform for authorized security research, with risk scoring, attack paths, and report generati…☆24Jun 4, 2026Updated last month
- ☆15Jul 2, 2026Updated 2 weeks ago
- AI model safety scanner built on NVIDIA garak☆572Updated this week
- A vibe-coded port of wiretap☆35Apr 25, 2026Updated 2 months ago