Topic: sca Goto Github
Some thing interesting about sca
Some thing interesting about sca
sca,Automate open source license compliance and ensure software supply chain integrity
Organization: aboutcode-org
Home Page: https://dejacode.readthedocs.io
sca,:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
Organization: aboutcode-org
Home Page: https://github.com/aboutcode-org/scancode-toolkit/releases/
sca,ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
Organization: aboutcode-org
Home Page: https://scancodeio.readthedocs.io
sca,xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
Organization: alipay
Home Page: https://xastbenchmark.github.io
sca,Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
Organization: appthreat
sca,Checkmarx Scan Github Action
Organization: checkmarx-ts
sca,clojure deps SCA
Organization: clj-holmes
sca,Contrast SCA GitHub Action
Organization: contrast-security-oss
sca,Contrast Scan GitHub action
Organization: contrast-security-oss
sca,CodeSec by Contrast - The fastest and most accurate SAST scanner. Scan code and serverless environments
Organization: contrastsecurity
sca,Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server.
Organization: cyclonedx
Home Page: https://cyclonedx.github.io/cdxgen/
sca,Detections for CVE-2021-44228 inside of nested binaries
User: darkarnium
sca,Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Organization: dependencytrack
Home Page: https://dependencytrack.org/
sca,IWA (Insecure Web App) Pharmacy Direct - an insecure web application for use in DevSecOps scenarios.
Organization: fortify-presales
Home Page: https://iwa.onfortify.com
sca,A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
Organization: hysnsec
Home Page: https://practical-devsecops.com/
sca,Python Elliptic Curve Side-Channel Analysis toolkit.
User: j08ny
Home Page: https://pyecsca.org/
sca,Jenkins plugin for Fortify CloudScan
Organization: jenkinsci
sca,Payment Gateway Microservice in Golang
User: lelledaniele
sca,Mend Implementation Examples
Organization: mend-toolkit
sca,A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC
Organization: mergebase
sca,用于检测composer项目的第三方依赖组件是否存在安全漏洞。
Organization: momosecurity
sca,用于检测gradle项目的第三方依赖组件是否存在安全漏洞。
Organization: momosecurity
sca,用于检测maven项目的第三方依赖组件是否存在安全漏洞。
Organization: momosecurity
sca,用于检测 node 项目的第三方依赖组件是否存在安全漏洞。
Organization: momosecurity
sca,用于检测python项目的第三方依赖组件是否存在安全漏洞。
Organization: momosecurity
sca,An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
Organization: murphysecurity
sca,A source code static analysis platform for AppSec enthusiasts.
Organization: orange-cyberdefense
sca,A suite of tools to automate software compliance checks.
Organization: oss-review-toolkit
Home Page: https://oss-review-toolkit.org
sca,OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
Organization: owasp-dep-scan
Home Page: https://owasp.org/www-project-dep-scan/
sca,Payments for Ruby on Rails apps
Organization: pay-rails
Home Page: https://github.com/pay-rails/pay
sca,prancer platform is an IaC Security engine + Continuous Compliance for your cloud (Azure, AWS, GCP) and Kubernetes environment
Organization: prancer-io
Home Page: https://www.prancer.io
sca,SCA Extension to help in local development
User: raxelo
sca,Controller parameters tuning for load frequency control (Matlab code)
User: sajjadasefi
sca,Example of Identity Service to cover all the flows of Strong Customer Authentication (PSD2)
Organization: saltedge
sca,A simple Java command-line utility to mirror the CVE JSON data from NIST.
User: stevespringett
sca,A simple Java command-line utility to mirror the entire contents of VulnDB.
User: stevespringett
Home Page: https://vulndb.cyberriskanalytics.com/
sca,Simulating Massive MIMO and Small Cells
User: sudhamshu091
sca,Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.
User: tilakthimmappa
Home Page: https://pyraider.raidersource.com
sca,Apply sound changes automatically to a set of words.
User: trimill
Home Page: https://trimill.github.io/sca/
sca,Static code analysis test source code
User: vanhauser-thc
sca,OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Organization: xmirrorsecurity
Home Page: https://opensca.xmirror.cn
sca,
Organization: xmirrorsecurity
Home Page: https://plugins.jetbrains.com/plugin/18246-opensca-xcheck
sca,Discrete signal processing tool for side chanel data leakage attacks and analysis. Air-gapped keylogger PoC.
User: zadewg
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.