Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Bitsea part of the Occtet Toolchain

FOSSLight Hub : Integrated management web-service for Open Source Compliance Process

EasyBuggy clone build on Spring Boot

Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.

This repository is a collection of vulnerable code examples for Vert.X.

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

Integrates Dependency-Check reports into SonarQube

This project contains examples of vulnerabilities and their secure implementations in Java applications.

Expolit Lists. 相关集合💥💥💥 ;) 用友NC反序列化/ CTF/ Java Deserialization/Shiro Vulns/ CNVD or CVE Vulns/ Log4j2/ Hikvision-decrypter...✨✨✨

Gradle plugin that scans the dependencies of a Gradle project using Sonatype platforms: OSS Index and Lifecycle.

Intentionally vulnerable Android application.

(Snyk Workshop) Vulnerable Java App used to demonstrate Snyk capabilities

🐛🗡️👩‍⚕️ eir is a tool to report system vulnerabilities 👩‍⚕️🗡️🐛

It is an application that can test three Android app vulnerabilities (user enumeration, routing detection bypass, and deep link) that have been issued in 2020. The app has a built-in flag value like CTF. Find flags and try authenticating on MainActivity! You can proceed with vulnerability analysis using the android_issue_2020.apk file. If you wa…

VulDB Java code to fetch data via API

Jenkins Plugin from Contrast Security

Confuzzion is a Java Virtual Machine (JVM) fuzzer generating Java programs to find bugs and vulnerabilities in the Java VM.

Too buggy web application

Gathers, enriches and publishes vulnerability information to a Kafka topic.