sbom-tool

Here are 83 public repositories matching this topic...

Andepzaiiii / semantic-copycat-binarysniffer

Semantic Copycat BinarySniffer is a fast CLI and Python library that detects OSS in binaries using semantic signatures (APK/IPA, JARs, code). Exports CycloneDX SBOMs. 🐙

python open-source legal binary-analysis legaltech open-source-compliance sbom sbom-tool binary-static-analysis semantic-copycat code-copycat

Updated Dec 14, 2025
Python

relizaio / rearm

Star

The Evidence Store for Your Entire Supply Chain. SBOMs, xBOMs and every other artifact - stored for 10+ years, versioned and audit-ready.

security supply-chain release vulnerability release-automation release-management software-supply-chain security-tools supply-chain-management release-engineering sbom cyclonedx supply-chain-visibility sbom-distribution software-supply-chain-security sbom-tool hardware-supplychain software-transparency cyclonedx-sbom

Updated Dec 14, 2025
Java

relizaio / rearm-cli

Star

CLI to interact with ReARM SBOM / xBOM and Release Manager

release release-automation release-engineering sbom sbom-distribution sbom-tool

Updated Dec 14, 2025
Go

CycloneDX / cyclonedx-python

Star

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

python environment poetry conda owasp python3 pip bom spdx hacktoberfest requirements bill-of-materials software-bill-of-materials purl package-url sbom cyclonedx sbom-generator sbom-tool

Updated Dec 13, 2025
Python

RetireJS / retire.js

Sponsor

Star

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

javascript chrome-extension security scanner grunt-plugins firefox-extension build-tool vulnerabilities software-composition-analysis vulnerable-libraries insecure-libraries sbom sbom-generator sbom-tool

Updated Dec 12, 2025
JavaScript

bigdawgsfootball / SBOM-Researcher

Star

Looks up package vulnerability info in OSV DB from SBOMs

spdx sbom cyclonedx sbom-tool sbom-reader sbom-research

Updated Dec 12, 2025
PowerShell

Advanced SBOM visualization tool. Provides graphical information about the dependency stack of your application, list of vulnerabilities and overall application health. Supports multiple methods of data aggregation and filtering in a convenient, modern interface.

bom application-security appsec sbom cyclonedx sbom-tool software-bill-of-material sbom-reader

Updated Dec 11, 2025
Go

interlynk-io / sbomqs

Star

sbomqs: The Comprehensive SBOM Quality & Compliance Tool

go golang spdx security-tools sbom cyclonedx devsecops-pipeline supply-chain-security sbom-examples sbom-tool sbom-quality sbom-score sbom-samples

Updated Dec 12, 2025
Go

ossf / cve-bin-tool

Star

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.