zvikar72 Goto Github PK

allstar

GitHub App to set and enforce security policies

audit-workbench

The SCANOSS Audit Workbench graphical user interface to scan and audit your source code.

blint

BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.

bomber

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

codetotal

Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.

cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 100 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with a list of components and versions.

cyberchef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

decider

A web application that assists network defenders, analysts, and researcher in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

devtoys

A Swiss Army knife for developers.

distroless

🥑 Language focused docker images, minus the operating system.

extensiontotal-vscode

ginger

Ginger Automation IDE

megalinter

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.

renovate

Universal dependency update tool that fits into your workflows.

rsshub

🍰 Everything is RSSible

sbom-tool

The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.

scanoss.js

The SCANOSS JS package provides a simple, easy to consume module for interacting with SCANOSS APIs/Engine.

scanoss.py

The SCANOSS python package providing a simple, easy to consume library for interacting with SCANOSS APIs/Engine.

supplychainsecurity

Malicious Packages and Users are infiltrating software around the globe. Examples of Account Takeover, Dependency Confusion, Hacktivism and Chain/Repo-Jacking are being used to infect your software.

supplygoat

"Vulnerable by Design" supply chain is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

syft

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

webgoat

WebGoat is a deliberately insecure application

webrix

Powerful building blocks for React-based web applications