Alternatives and similar repositories for vulntology

Users that are interested in vulntology are comparing it to the libraries listed below

• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆73Updated last month
• CloudSecurityAlliance / gsd-tools
  Global Security Database Tools
  ☆43Updated last year
• OWASP / OdTM
  OWASP Ontology-driven Threat Modelling framework
  ☆39Updated 2 years ago
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆158Updated this week
• RogoLabs / cve.icu
  CVE.ICU code.
  ☆43Updated this week
• anchore / nvd-data-overrides
  ☆47Updated this week
• CERTCC / SBOM
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆64Updated last year
• CloudSecurityAlliance / gsd-project
  Global Security Database Project
  ☆28Updated 2 years ago
• d3fend / d3fend
  Public static website for the D3FEND project. For the D3FEND ontology repo see: https://github.com/d3fend/d3fend-ontology
  ☆86Updated last week
• GSA / oscal-ssp-to-word
  ☆18Updated 3 years ago
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆51Updated last week
• kannkyo / nvd-api
  NVD API 2.0 for python
  ☆12Updated 10 months ago
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆23Updated 2 years ago
• d3fend / d3fend-ontology
  This repository holds the necessary content to produce the D3FEND ontology distribution.
  ☆86Updated last week
• sckg / sckg
  Security Control Knowledge Graph
  ☆29Updated last year
• cve-search / cpe-guesser
  Tool to guess CPE name based on common software name
  ☆101Updated 8 months ago
• cairis-platform / cairis
  Computer Aided Integration of Requirements and Information Security - Server
  ☆164Updated 11 months ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• Vulnogram / Vulnogram
  Vulnogram is a tool for creating and editing CVE information in CVE JSON format
  ☆197Updated 3 months ago
• GSA / oscal-gen-tool
  ☆16Updated 4 years ago
• usnistgov / sctools
  Tools for security content automation, baseline tailoring, and overlay development.
  ☆44Updated 11 months ago
• center-for-threat-informed-defense / mappings-explorer
  Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…
  ☆69Updated 2 weeks ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆66Updated last month
• PLOT4ai / plot4ai-library
  Practical Library Of Threats 4 Artificial Intelligence
  ☆28Updated last month
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆95Updated 5 months ago
• vfeedio / pyvfeed
  Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions
  ☆102Updated 2 years ago
• mitre / CICAT
  ☆19Updated 4 years ago
• IAI-Cyber / TRADES
  TRADES Tool
  ☆18Updated 7 months ago
• oasis-tcs / cacao
  OASIS CACAO TC: Official repository for work of the CACAO TC https://github.com/oasis-tcs/cacao
  ☆29Updated last year
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆149Updated 4 months ago