Semantic Copycat BinarySniffer is a fast CLI and Python library that detects OSS in binaries using semantic signatures (APK/IPA, JARs, code). Exports CycloneDX SBOMs. 🐙
Updated Dec 16, 2025 - Python
The Evidence Store for Your Entire Supply Chain. SBOMs, xBOMs and every other artifact - stored for 10+ years, versioned and audit-ready.
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
Create CycloneDX Software Bill of Materials (SBOM) from esbuild projects
Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.
sbomqs: The Comprehensive SBOM Quality & Compliance Tool
Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.
CLI to interact with ReARM SBOM / xBOM and Release Manager
Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Looks up package vulnerability info in OSV DB from SBOMs
Advanced SBOM visualization tool. Provides graphical information about the dependency stack of your application, list of vulnerabilities and overall application health. Supports multiple methods of data aggregation and filtering in a convenient, modern interface.
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.
A tool to automatically detect copy+pasted and vendored code between repositories
Create CycloneDX Software Bill of Materials (SBOM) for Buildroot projects