Lists (1)
Stars
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
An extremely easy way to perform background processing in Java. Backed by persistent storage. Open and free for commercial use.
Java program to retrieve server certificate that can be added to local keystore
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross S…
Coverity Security Library (CSL) is a lightweight set of escaping routines for fixing cross-site scripting (XSS), SQL injection, and other security defects in Java web applications.
A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mirror the NVD.
Java library for parsing report files from static code analysis.
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST
A Java library for calculating CVSSv2, CVSSv3, and CVSSv4 scores and vectors
Maven plugin for generating java serviceloader files
Externalize Java application access to protected resources as log messages.
Demonstrates how a malicious dependency could negatively impact the build output.
A set of security APIs meant to help secure Java code
A library for commenting GitHub with violations from static code analyzer reports.
fusesource / hawtdb
Forked from chirino/hawtdbHawtDB is an embedded MVCC Key/Value Database
ESP: Security Plugin is a real time static analysis tool for Eclipse users.
JAX RS WS Interfaces for Github webhooks