Alternatives and similar repositories for swid-tools:

Users that are interested in swid-tools are comparing it to the libraries listed below

• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆44Updated last year
• oasis-open / csaf-parser
  OASIS TC Open Repository: CSAF Parser tool for parsing and checking the syntax of the Common Vulnerability Reporting Framework (CVRF) con…
  ☆23Updated 2 years ago
• spdx / cdx2spdx
  Utility that converts SBOM documents from CycloneDX to SPDX
  ☆29Updated last year
• interlynk-io / sbomgr
  SBOM Grep - search through SBOMs
  ☆21Updated last month
• srcclr / build-inspector
  Inspect your builds to look for changes in filesystem, network traffic and running processes.
  ☆13Updated 6 years ago
• runZeroInc / recog
  Pattern recognition for hosts, services, and content
  ☆13Updated 2 years ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• fabric8-analytics / cvejob
  A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
  ☆12Updated 2 years ago
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆21Updated last week
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated this week
• cve-search / CveXplore
  CveXplore
  ☆35Updated this week
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆60Updated last month
• IQTLabs / pypi-scan
  Scan pypi for typosquatting
  ☆38Updated 2 years ago
• ossf / project-template
  OpenSSF Project Template
  ☆17Updated last year
• fabric8-analytics / cvedb
  CVE database
  ☆22Updated 4 years ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆93Updated 11 months ago
• sonatype-nexus-community / cheque
  Audit C/C++ projects (make, cmake, command line, etc.)
  ☆26Updated 3 years ago
• ossf / wg-endusers
  OpenSSF Endusers Working Group
  ☆28Updated 10 months ago
• philips-software / license-scanner
  Service to scan licenses from source code
  ☆12Updated last year
• interlynk-io / sbomex
  Find & pull public SBOMs
  ☆16Updated 5 months ago
• usnistgov / vulntology
  Development of the NIST vulnerability data ontology (Vulntology).
  ☆37Updated 8 months ago
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆61Updated last month
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆24Updated last year
• OVALProject / Sandbox
  The OVAL Language Sandbox
  ☆44Updated 4 years ago
• bgnetworks / meta-dependencytrack
  A Yocto meta-layer for generating CycloneDX SBOMs and automatically uploading them to Dependency Track.
  ☆19Updated 8 months ago
• GSA / fedramp-gov
  Fedramp.gov source code for site built on https://federalist.18f.gov/
  ☆5Updated this week
• spdx / spdx-3-model
  The model for the information captured in SPDX version 3 standard.
  ☆73Updated this week
• swagitda / security-decision-trees-graphviz
  Decision trees generated via Graphviz to inform pragmatic threat modelling.
  ☆10Updated 4 years ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆76Updated last month
• in-toto / supply-chain-compromises
  ☆22Updated 3 years ago