Awesome Open Source
Search results for sca
48 search results found
Dependency Track
⭐
2,119
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Scancode Toolkit
⭐
1,887
🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and other generous sponsors!
Pay
⭐
1,806
Payments for Ruby on Rails apps
Murphysec
⭐
1,502
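An open source tool focused on software supply chain security. MurphySec focuses on software supply chain security, with professional software composition analysis (SCA), vulnerability detection, and a professional vulnerability database.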
Ort
⭐
1,405
A suite of tools to automate software compliance checks.
Opensca Cli
⭐
964
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Dep Scan
⭐
916
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
Log4j Detector
⭐
622
Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Cdxgen
⭐
382
Creates CycloneDX Software Bill of Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962
Nist Data Mirror
⭐
195
A simple Java command-line utility to mirror the CVE JSON data from NIST.
Cloud Validation Framework
⭐
122
prancer platform is an IaC Security engine + Continuous Compliance for your cloud (Azure, AWS, GCP) and Kubernetes environment
Scancode.io
⭐
88
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, Google Summer of Code, nexB and other generous sponsors!
Grepmarx
⭐
66
A source code static analysis platform for AppSec enthusiasts.
Mosec Maven Plugin
⭐
64
Detects whether the third-party dependency components of a Maven project have security vulnerabilities.
Clj Watson
⭐
62
clojure deps SCA
Vulnerability Db
⭐
60
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm.
Awesome Sca
⭐
57
A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
Pyecsca
⭐
49
Python Elliptic Curve Side-Channel Analysis toolkit.
Vulndb Data Mirror
⭐
30
A simple Java command-line utility to mirror the entire contents of VulnDB.
Opensca Intellij Plugin
⭐
30
Vulntest
⭐
25
Static code analysis test source code
Upaygo
⭐
23
Payment Gateway Microservice in Golang
Mosec Gradle Plugin
⭐
21
Detects whether the third-party dependency components of a Gradle project have security vulnerabilities.
Mend Examples
⭐
21
Mend Implementation Examples
Log4j Cve Detect
⭐
21
Detections for CVE-2021-44228 inside of nested binaries
Mosec Composer Plugin
⭐
19
Detects whether the third-party dependency components of a Composer project have security vulnerabilities.
Cli
⭐
16
Debricked's command line interface. It brings open source security, compliance and health to your project via the command prompt.
Mosec Node Plugin
⭐
16
Detects whether the third-party dependency components of a Node project have security vulnerabilities.
Checkmarx Github Action
⭐
16
Checkmarx Scan Github Action
Pyraider
⭐
15
Using PyRaider, you can scan installed dependencies for known security vulnerabilities. It uses a database of publicly known exploits and vulnerabilities.
Sca Identity Service Example
⭐
14
Example of Identity Service to cover all the flows of Strong Customer Authentication (PSD2)
Veracode Python
⭐
13
Contrast
⭐
11
CodeSec by Contrast - The fastest and most accurate SAST scanner. Scan code and serverless environments
Dejacode
⭐
11
Automate open source license compliance and ensure software supply chain integrity
Deside
⭐
10
Discrete signal processing tool for side channel data leakage attacks and analysis. Air-gapped keylogger PoC.
Sca Authenticator Ios
⭐
9
Salt Edge Authenticator - application that meets Strong Customer Authentication requirements (PSD2)
Tattletale
⭐
8
Compression Side Channel Attack on JPEG redacted documents.
Iwa Java
⭐
8
IWA (Insecure Web App) Pharmacy Direct - an insecure Spring Java web application for use in Fortify demonstrations
Fortify Cloudscan Plugin
⭐
8
Jenkins plugin for Fortify CloudScan
Contrast Sca Action
⭐
8
Contrast SCA GitHub Action
Cdxgen Action
⭐
8
GitHub action for CycloneDX BOM generator (cdxgen). The BOM XML file produced by cdxgen can be uploaded to Dependency-Track, AppThreat and other commercial Software Composition Analysis (SCA) products.
Sca Helper Extension
⭐
7
SCA Extension to help in local development
Fosdem 2022 Devroom
⭐
6
Software Composition and Dependencies devroom - FOSDEM 2022
Octobat Beanie.js
⭐
6
Hosted payment page making Stripe V3 API calls on your behalf and calculating sales taxes (VAT, GST, Sales Tax) in real time. 💳 ⚡ 🌍
Sca Authenticator Android
⭐
6
Salt Edge Authenticator - application that meets Strong Customer Authentication requirements (PSD2)
Mosec Pip Plugin
⭐
6
Detects whether the third-party dependency components of a Python project have security vulnerabilities.
Lucy
⭐
6
Lucy is a component analysis platform to minimize the risk of license infringements and to support and optimize the license compliance process.
Sca Bash Completion
⭐
5
Bash completion script for Micro Focus Fortify Source Code Analyzer (SCA)
Copyright 2018-2024 Awesome Open Source. All rights reserved.