stevespringett / nist-data-mirror

Related projects ⓘ

Alternatives and complementary repositories for nist-data-mirror

• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆44Updated this week
• spotbugs / sonar-findbugs
  SpotBugs plugin for SonarQube
  ☆357Updated this week
• CycloneDX / cyclonedx-maven-plugin
  Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
  ☆298Updated last week
• pmckeown / dependency-track-maven-plugin
  Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable …
  ☆62Updated last month
• dependency-check / dependency-check-sonar-plugin
  Integrates Dependency-Check reports into SonarQube
  ☆598Updated this week
• stevespringett / Alpine
  An opinionated scaffolding framework that jumpstarts Java projects with an API-first design, secure defaults, and minimal dependencies
  ☆62Updated this week
• SonarSource / sonar-scanner-maven
  SonarQube Scanner for Maven
  ☆147Updated this week
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆129Updated last week
• jenkinsci / dependency-track-plugin
  Main repository for the official Dependency-Track Jenkins plugin
  ☆44Updated 3 weeks ago
• snyk / snyk-maven-plugin
  Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.
  ☆78Updated 2 months ago
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆69Updated last year
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆81Updated this week
• kantega / notsoserial
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆185Updated 8 years ago
• mebigfatguy / fb-contrib
  a FindBugs/SpotBugs plugin for doing static code analysis for java code bases
  ☆155Updated this week
• Contrast-Security-OSS / contrast-rO0
  A tiny Java agent that blocks attacks against unsafe deserialization
  ☆83Updated 7 years ago
• jeremylong / Open-Vulnerability-Project
  Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnera…
  ☆121Updated last week
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆47Updated this week
• augustd / owasp-security-logging
  OWASP Security Logging library for Java
  ☆115Updated 11 months ago
• SonarSource / sonar-scanner-java-library
  Common Java library used by many SonarScanners
  ☆112Updated this week
• checkstyle / sonar-checkstyle
  Support on Checkstyle in SonarQube. Officially transfered from https://github.com/SonarQubeCommunity/sonar-checkstyle
  ☆172Updated 2 weeks ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆42Updated 2 years ago
• package-url / packageurl-java
  Java/JVM implementation of the package url spec
  ☆22Updated 5 months ago
• victims / victims-enforcer-legacy
  A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.
  ☆40Updated 4 years ago
• OWASP / sonarqube
  OWASP SonarQube Project
  ☆110Updated 5 years ago
• SonarSource / sonar-custom-plugin-example
  Shows how to write a SonarQube plugin
  ☆142Updated 2 weeks ago
• hdiv / hdiv
  Hdiv CE | Application Self-Protection
  ☆214Updated last week
• blackducksoftware / detect
  Scanning and analysis for Black Duck SCA products.
  ☆159Updated this week
• ESAPI / esapi-java
  ☆323Updated last year
• codedx / codepulse
  Code Pulse is a real-time code coverage tool for penetration testing activities
  ☆115Updated last year
• spotbugs / spotbugs-maven-plugin
  Maven Mojo Plug-In to generate reports based on the SpotBugs Analyzer
  ☆76Updated this week