A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.
☆148Jan 28, 2024Updated 2 years ago
Alternatives and similar repositories for Software-Supply-Chain-Security
Users that are interested in Software-Supply-Chain-Security are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A compilation of resources in the software supply chain security domain, with emphasis on open source☆369Jun 7, 2026Updated last month
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆558Jul 1, 2026Updated last week
- ☆18Jul 30, 2024Updated last year
- ☆13Apr 24, 2023Updated 3 years ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆82Jun 20, 2026Updated 2 weeks ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆359Jul 2, 2026Updated last week
- ☆116Feb 11, 2026Updated 4 months ago
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.☆35Apr 4, 2023Updated 3 years ago
- Polar is a secure and scalable knowledge graph framework, designed to address the challenges posed by building big data systems in highly…☆23Jun 21, 2026Updated 2 weeks ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆619Feb 10, 2026Updated 4 months ago
- Format agnostic SBOM tooling☆148Nov 20, 2025Updated 7 months ago
- Websec interview questions by tib3rius answered☆309Nov 13, 2023Updated 2 years ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- Machine-readable specification for the attestation of security-relevant data.☆77Jun 24, 2026Updated 2 weeks ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Data about all known supply-chain attacks through history☆76Jun 28, 2026Updated last week
- Report on quality of SBOM contents☆27Dec 18, 2024Updated last year
- in-toto Attestation Framework☆346Jun 29, 2026Updated last week
- Enrich SBOMs with data from third party services☆230May 18, 2026Updated last month
- TACOS framework structural details☆20May 12, 2025Updated last year
- A place to systematically store software bill of materials (SBOM) documents.☆51Jun 1, 2023Updated 3 years ago
- An Architecture for Trustworthy Digital Supply Chain Transparency Services☆18Oct 19, 2025Updated 8 months ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- Supply Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆377Updated this week
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆607Jun 2, 2026Updated last month
- ☆191May 29, 2026Updated last month
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆98Feb 11, 2025Updated last year
- A CLI tool for creating secure by design/default source repos.☆28Jul 29, 2024Updated last year
- Generate a score for your sbom to understand if it will actually be useful.☆240Aug 13, 2024Updated last year
- A mechanism that trampoline hooks functions in x86/x64 systems.☆21Oct 9, 2024Updated last year
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Jan 4, 2026Updated 6 months ago
- A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis☆23Feb 2, 2025Updated last year
- My journey and notes on learning Offensive Security from the ground up☆21Dec 22, 2025Updated 6 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Deadline countdowns for academic conferences in Software Engineering☆86Jul 1, 2026Updated last week
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆22Mar 7, 2025Updated last year
- A tool to check the security settings of Github Organizations.☆75Feb 9, 2026Updated 4 months ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆16Apr 10, 2025Updated last year
- Sharing software supply chain security open source projects☆54Dec 19, 2022Updated 3 years ago
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆236May 26, 2025Updated last year
- A tool that takes two or more micro SBOMs and composes them into one distributable SBOM☆23Mar 23, 2023Updated 3 years ago