Alternatives and similar repositories for vulntology

Users that are interested in vulntology are comparing it to the libraries listed below

• CloudSecurityAlliance / gsd-tools
  Global Security Database Tools
  ☆43Updated last year
• OWASP / OdTM
  OWASP Ontology-driven Threat Modelling framework
  ☆41Updated 2 years ago
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆166Updated this week
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆24Updated 2 years ago
• usnistgov / sctools
  Tools for security content automation, baseline tailoring, and overlay development.
  ☆45Updated last year
• CERTCC / SBOM
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆65Updated last year
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆96Updated 9 months ago
• sckg / sckg
  Security Control Knowledge Graph
  ☆31Updated last year
• d3fend / d3fend
  Public static website for the D3FEND project. For the D3FEND ontology repo see: https://github.com/d3fend/d3fend-ontology
  ☆88Updated 3 months ago
• kannkyo / nvd-api
  NVD API 2.0 for python
  ☆12Updated last year
• CloudSecurityAlliance / gsd-project
  Global Security Database Project
  ☆28Updated 2 years ago
• d3fend / d3fend-ontology
  This repository holds the necessary content to produce the D3FEND ontology distribution.
  ☆94Updated last week
• cve-search / cpe-guesser
  Tool to guess CPE name based on common software name
  ☆106Updated 2 months ago
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆82Updated last week
• mnemonic-no / provreq
  Adversary Emulation Planner
  ☆42Updated last year
• RogoLabs / cve.icu
  CVE.ICU code.
  ☆49Updated this week
• idaholab / STIG
  Structured Threat Intelligence Graph
  ☆97Updated last month
• ComplianceAsCode / oscal
  OSCAL SSP content for technologies shipped by Red Hat
  ☆15Updated 2 years ago
• oscal-compass / compliance-trestle-demos
  Demo setup for compliance-trestle
  ☆35Updated 2 months ago
• oasis-open / cti-stix-generator
  OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c…
  ☆42Updated last year
• casework / CASE
  Cyber-investigation Analysis Standard Expression (CASE) Ontology
  ☆71Updated last month
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• mitre-atlas / atlas-navigator-data
  Scripts and outputs for ATLAS data in STIX JSON and ATT&CK Navigator layer formats
  ☆20Updated 2 weeks ago
• mitre / saf
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…
  ☆166Updated this week
• mitre / vulcan
  A web application to streamline the development of STIGs from SRGs
  ☆81Updated last month
• oasis-open / cti-stix-common-objects
  OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…
  ☆97Updated 5 months ago
• OVAL-Community / OVAL
  Official repository for the Open Vulnerability and Assessment Language
  ☆79Updated last month
• anchore / nvd-data-overrides
  ☆48Updated this week
• GSA / oscal-gen-tool
  ☆16Updated 4 years ago
• mitre / CICAT
  ☆19Updated 5 years ago