- Oak Hill, VA
- https://infosec.exchange/@ctxt
- @ctxt
-
open-vulnerability-clients Public
Java library for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnerabilities, etc.)
-
open-vulnerability-cli Public
A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mirror the NVD.
-
github-dependency-graph-gradle-plugin Public
Forked from gradle/github-dependency-graph-gradle-plugin
Gradle Plugin for Extracting Dependency Information to send to GitHub
Groovy Apache License 2.0 Updated Oct 27, 2025
-
DependencyCheck Public archive
The dependency-check repository has moved:
-
ocular Public
Forked from crashappsec/ocular
software asset scanning orchestration system
Go GNU General Public License v3.0 Updated Jul 16, 2025
-
purl-spec Public
Forked from package-url/purl-spec
A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
Other Updated May 27, 2025
-
CPE-Parser Public
Forked from stevespringett/CPE-Parser
A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST
-
homebrew-core Public
Forked from Homebrew/homebrew-core
Default formulae for the missing package manager for macOS
-
cyclonedx-webpack-plugin Public
Forked from CycloneDX/cyclonedx-webpack-plugin
Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
TypeScript Apache License 2.0 Updated Jan 29, 2025
-
cyclonedx-javascript-library Public
Forked from CycloneDX/cyclonedx-javascript-library
Core functionality of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.
TypeScript Apache License 2.0 Updated Jan 7, 2025
-
cyclonedx-cocoapods Public
Forked from CycloneDX/cyclonedx-cocoapods
Creates CycloneDX Software Bill-of-Materials (SBOM) from Objective-C and Swift projects that use CocoaPods.
Ruby Apache License 2.0 Updated Dec 21, 2024
-
cyclonedx-gradle-plugin Public
Forked from CycloneDX/cyclonedx-gradle-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Java Apache License 2.0 Updated Dec 14, 2024
-
cyclonedx-core-java Public
Forked from CycloneDX/cyclonedx-core-java
CycloneDX SBOM Model and Utils for Creating and Validating BOMs
Java Apache License 2.0 Updated Dec 3, 2024
-
class-file-format-rule Public archive
DEPRECATED: consider using org.codehaus.mojo:extra-enforcer-rules.
Java Apache License 2.0 Updated Jun 6, 2024
-
odc-falsepositives Public
throw away project to test dependency-check false positives
Python Updated May 27, 2024
-
teller Public
Forked from tellerops/teller
Cloud native secrets management for developers - never leave your command line for secrets.
-
GrokAssembly Public
Forked from colezlaw/GrokAssembly
Mono/.NET Project to get information about an assembly. Primarily for OWASP Dependency Check
-
jcs3-slf4j Public
Log adapter for use with JCS3 to bind to slf4j.
Java Apache License 2.0 Updated Nov 27, 2023
-
guarddog Public
Forked from DataDog/guarddog
GuardDog is a CLI tool to Identify malicious PyPI and npm packages
Python Apache License 2.0 Updated Aug 22, 2023
-
musical-octo-carnival Public
A journey through the insecure defaults in GitHub Actions - wait who committed code to my repo?
-
malicious-dependencies Public
Demonstrates how a malicious dependency could negatively impact the build output.
-
hyades Public
Forked from DependencyTrack/hyades
Proof-of-concept for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services, based on Apache Kafka.
Java Apache License 2.0 Updated Apr 25, 2023
-
sbt-dependency-check Public
Forked from albuch/sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs).
Scala Apache License 2.0 Updated Feb 20, 2023
-
owasp-change.github.io Public
Forked from owasp-change/owasp-change.github.io
An Open Letter to the OWASP Board
Apache License 2.0 Updated Feb 11, 2023
-
semver4j Public
Forked from semver4j/semver4j
Semantic versioning for Java apps.
Java MIT License Updated Dec 15, 2022