usnistgov / swid-tools
☆13Updated 3 months ago
Alternatives and similar repositories for swid-tools:
Users that are interested in swid-tools are comparing it to the libraries listed below
- A place to systematically store software bill of materials (SBOM) documents.☆44Updated last year
- OASIS TC Open Repository: CSAF Parser tool for parsing and checking the syntax of the Common Vulnerability Reporting Framework (CVRF) con…☆23Updated 2 years ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆29Updated last year
- SBOM Grep - search through SBOMs☆21Updated last month
- Inspect your builds to look for changes in filesystem, network traffic and running processes.☆13Updated 6 years ago
- Pattern recognition for hosts, services, and content☆13Updated 2 years ago
- Report missing advisories and corrections on OSS Index☆17Updated 2 years ago
- A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).☆12Updated 2 years ago
- ZAP Management Scripts☆21Updated last week
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated this week
- CveXplore☆35Updated this week
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…☆60Updated last month
- Scan pypi for typosquatting☆38Updated 2 years ago
- OpenSSF Project Template☆17Updated last year
- CVE database☆22Updated 4 years ago
- A community collection of security reviews of open source software components.☆93Updated 11 months ago
- Audit C/C++ projects (make, cmake, command line, etc.)☆26Updated 3 years ago
- OpenSSF Endusers Working Group☆28Updated 10 months ago
- Service to scan licenses from source code☆12Updated last year
- Find & pull public SBOMs☆16Updated 5 months ago
- Development of the NIST vulnerability data ontology (Vulntology).☆37Updated 8 months ago
- A Python library and command line interface for CVE Services.☆61Updated last month
- Posture Attribute Collection and Evaluation☆24Updated last year
- The OVAL Language Sandbox☆44Updated 4 years ago
- A Yocto meta-layer for generating CycloneDX SBOMs and automatically uploading them to Dependency Track.☆19Updated 8 months ago
- Fedramp.gov source code for site built on https://federalist.18f.gov/☆5Updated this week
- The model for the information captured in SPDX version 3 standard.☆73Updated this week
- Decision trees generated via Graphviz to inform pragmatic threat modelling.☆10Updated 4 years ago
- Feed parsing for language package manager updates☆76Updated last month
- ☆22Updated 3 years ago