A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.
☆147, Jan 28, 2024, updated 2 years ago
Alternatives and similar repositories for Software-Supply-Chain-Security
Users that are interested in Software-Supply-Chain-Security are comparing it to the libraries listed below.
- A compilation of resources in the software supply chain security domain, with emphasis on open source (☆364, May 3, 2026, updated 3 weeks ago)
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… (☆520, updated this week)
- VFCFinder: Searching for the Missing Vulnerability Fixing Commits (☆31, Dec 1, 2023, updated 2 years ago)
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… (☆81, May 22, 2026, updated last week)
- A reading list for software supply-chain security. (☆364, Nov 21, 2022, updated 3 years ago)
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. (☆345, updated this week)
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way. (☆34, Apr 4, 2023, updated 3 years ago)
- Polar is a secure and scalable knowledge graph framework, designed to address the challenges posed by building big data systems in highly… (☆23, updated this week)
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities (☆615, Feb 10, 2026, updated 3 months ago)
- Format agnostic SBOM tooling (☆136, Nov 20, 2025, updated 6 months ago)
- Websec interview questions by tib3rius answered (☆309, Nov 13, 2023, updated 2 years ago)
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs (☆39, Sep 25, 2024, updated last year)
- Machine-readable specification for the attestation of security-relevant data. (☆75, May 11, 2026, updated 2 weeks ago)
- Data about all known supply-chain attacks through history (☆75, May 23, 2026, updated last week)
- Report on quality of SBOM contents (☆26, Dec 18, 2024, updated last year)
- in-toto Attestation Framework (☆336, May 18, 2026, updated last week)
- TACOS framework structural details (☆20, May 12, 2025, updated last year)
- A place to systematically store software bill of materials (SBOM) documents. (☆50, Jun 1, 2023, updated 2 years ago)
- An Architecture for Trustworthy Digital Supply Chain Transparency Services (☆18, Oct 19, 2025, updated 7 months ago)
- Build a CVE library with aggregated CISA, EPSS and CVSS data (☆29, Sep 27, 2023, updated 2 years ago)
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021. (☆600, Feb 12, 2026, updated 3 months ago)
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain (☆98, Feb 11, 2025, updated last year)
- A CLI tool for creating secure by design/default source repos. (☆28, Jul 29, 2024, updated last year)
- Generate a score for your SBOM to understand if it will actually be useful. (☆242, Aug 13, 2024, updated last year)
- A mechanism that trampoline hooks functions in x86/x64 systems. (☆21, Oct 9, 2024, updated last year)
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on GitHub repositories. (☆35, Jan 4, 2026, updated 4 months ago)
- A collection of dashboards, templates, APIs and Power BI code for vulnerability management and analysis (☆23, Feb 2, 2025, updated last year)
- My journey and notes on learning Offensive Security from the ground up (☆21, Dec 22, 2025, updated 5 months ago)
- Deadline countdowns for academic conferences in Software Engineering (☆83, May 16, 2026, updated last week)
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,… (☆22, Mar 7, 2025, updated last year)
- A tool to check the security settings of GitHub Organizations. (☆75, Feb 9, 2026, updated 3 months ago)
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense" (☆16, Apr 10, 2025, updated last year)
- Sharing software supply chain security open source projects (☆54, Dec 19, 2022, updated 3 years ago)
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously… (☆231, May 26, 2025, updated last year)
- Supply Chain Query Tool (☆13, May 25, 2022, updated 4 years ago)