A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements, and has the SBOM to show it!

PainKiller Security Tools

An SPDX Querying Binary

Osmy: A tool for software management using SPDX Documents

This repo hosts a github action to run parlay( which is used to Enrich SBOMs with data from third party services ) in piplines

Manage collection of SBOMs (Software Bill of Materials)

GitHub Action that installs and sets up the Microsoft SBOM Tool.

Determine the technical debt for a Software Bill of Materials (SBOM)

📓 A python CLI tool to extract a software bill of materials and license info from a vcpkg manifest.

SBOM Tool running on a browser locally with WebAssembly

This tool compares two Software Bill of Materials (SBOMs) and reports the differences.

SBOM generator for files within a directory

Repository related to the conference paper "SBOM Generation Tools in the Python Ecosystem: an In-Detail Analysis"

Malicious-PAckageFinder (m-paf) is a command-line tool that detects malicious and risky packages in your software supply chain using SBOM files.

SBOMinify is a GitHub Action to capture and list installed packages and their versions in a Docker image, generating Software Bill of Materials (SBOM) files. This action leverages some special technics to scan Docker images and output SBOM files in both table and JSON formats.

A tool to reverse engineer and inspect the RPM and APT databases to list all the packages along with executables, service and versions.

Simple SBOM viewer and NTIA Minimum Elements checker.

Using AI Agents for Audit SBOMs for OSS Compliance