Stars
Find the latest release version of an arbitrary project
Dictionary with auto-expiring values for caching purposes.
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
The easiest way to use Machine Learning. Mix and match underlying ML libraries and data set sources. Generate new datasets or modify existing ones with ease.
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydata…
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers.
OWASP Kubernetes security and compliance tool [WIP]
A serializer for the Django Rest Framework that supports per-action serialization of fields.
Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
Fedora Cyber Test Lab offers quantitative static and dynamic risk analysis of binaries
rpm2cpe translates package names to CPE values.
ismyk8ssecure is a FOSS tool to check whether your K8s cluster contains previously reported vulnerabilities.
Tools for processing National Vulnerability Database feeds.
This project is no longer maintained. Everything is covered in PurlDB: https://github.com/aboutcode-org/purldb
Work with version specifiers (can parse PEP-440, SemVer, Ruby, NPM, Maven)
sbs2001 / vulncode-db
Forked from google/vulncode-db. Vulncode-DB project
ngi-nix / vulnerablecode
Forked from aboutcode-org/vulnerablecode. A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities.
sbs2001 / dffml
Forked from intel/dffml. The easiest way to use Machine Learning