stevespringett / cvss-calculatorLinks
A Java library for calculating CVSSv2, CVSSv3, and CVSSv4 scores and vectors
☆50Updated last week
Alternatives and similar repositories for cvss-calculator
Users that are interested in cvss-calculator are comparing it to the libraries listed below
Sorting:
- Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …☆43Updated 2 months ago
- A simple Java command-line utility to mirror the entire contents of VulnDB.☆48Updated 4 months ago
- Software Component Verification Standard (SCVS)☆151Updated 8 months ago
- ☆119Updated 7 months ago
- A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…☆54Updated last week
- A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mi…☆153Updated 3 weeks ago
- Integrates Xanitizer results into SonarQube☆21Updated 4 years ago
- The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens☆89Updated last week
- Report missing advisories and corrections on OSS Index☆17Updated 2 years ago
- The Open Security Summit is focused on the collaboration between, Developers and Application Security☆45Updated 5 months ago
- Integrates OWASP Zed Attack Proxy reports into SonarQube☆73Updated 4 months ago
- Sharing software supply chain security open source projects☆53Updated 2 years ago
- ZAP Management Scripts☆23Updated 2 weeks ago
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs☆101Updated this week
- Externalize Java application access to protected resources as log messages.☆43Updated last month
- ☆21Updated 7 years ago
- OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.☆18Updated last week
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆68Updated 5 months ago
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆96Updated 10 months ago
- CVE database☆21Updated 5 years ago
- Checkmarx Scan and Result Orchestration☆99Updated 2 weeks ago
- The Clouditor is a tool to support continuous cloud assurance. Developed by Fraunhofer AISEC.☆83Updated 2 weeks ago
- A community collection of security reviews of open source software components.☆96Updated last year
- This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.☆23Updated 5 years ago
- Demonstrates how a malicious dependency could negatively impact the build output.☆24Updated 2 years ago
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆61Updated 6 months ago
- OWASP Foundation Threat Dragon Project Web Repository☆84Updated last week
- AppSecPipeline Specification for DevOps automation.☆40Updated 3 years ago
- Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project…☆110Updated last year
- The OWASP ZAP Jenkins Plugin extends the functionality of the ZAP security tool into a CI Environment.☆59Updated last year