Alternatives and similar repositories for swid-tools:

Users that are interested in swid-tools are comparing it to the libraries listed below

• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆44Updated last year
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• ComplianceAsCode / oscal
  OSCAL SSP content for technologies shipped by Red Hat
  ☆15Updated last year
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆60Updated this week
• GSA / fedramp-gov
  Fedramp.gov source code for site built on https://federalist.18f.gov/
  ☆5Updated this week
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆21Updated this week
• stevespringett / owasp-risk-rating-calculator
  A Java library for programmatically calculating OWASP Risk Rating scores
  ☆18Updated last year
• fabric8-analytics / cvejob
  A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
  ☆12Updated 2 years ago
• crtsh / go-certlint
  Go wrapper for awslabs/certlint
  ☆25Updated 4 years ago
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated last year
• IQTLabs / pypi-scan
  Scan pypi for typosquatting
  ☆38Updated 2 years ago
• hashlookup / PyHashlookup
  Python CLI and module for CIRCL hash lookup
  ☆12Updated last week
• mal-lang / exampleLang
  A MAL language that demonstrates the Maven project structure
  ☆23Updated 3 years ago
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆24Updated last year
• usnistgov / BF
  Bugs Framework
  ☆7Updated 3 weeks ago
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated 11 months ago
• OWASP / www-project-appsec-pipeline
  OWASP Foundation Web Respository
  ☆10Updated last year
• omnibor / spec
  A draft standard for communicating a cryptographic record of build inputs for software artifacts.
  ☆23Updated this week
• cve-search / CveXplore
  CveXplore
  ☆35Updated last week
• docker-archive / oscalkit
  NIST OSCAL SDK and CLI
  ☆37Updated 4 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• microsoft / onefuzz-samples
  Sample CICD Pipelines for OneFuzz
  ☆27Updated 2 years ago
• srcclr / build-inspector
  Inspect your builds to look for changes in filesystem, network traffic and running processes.
  ☆13Updated 6 years ago
• spdx / cdx2spdx
  Utility that converts SBOM documents from CycloneDX to SPDX
  ☆29Updated last year
• ExodusIntelligence / cpe_utils
  A simple python library to assist in working with cpes
  ☆18Updated last year
• danielfett / tlsprofiler
  Compares the TLS configuration of a web server to the Mozilla TLS Profiles
  ☆25Updated last year
• in-toto / supply-chain-compromises
  ☆22Updated 3 years ago
• fabric8-analytics / cvedb
  CVE database
  ☆22Updated 4 years ago
• usnistgov / vulntology
  Development of the NIST vulnerability data ontology (Vulntology).
  ☆37Updated 8 months ago