Stars
xufeng-hz / ant-application-security-testing-benchmark
Forked from alipay/ant-application-security-testing-benchmark
Packj stops ⚡ Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
XDocReport means XML Document reporting. It's a Java API to merge XML documents created with MS Office (docx), OpenOffice (odt) or LibreOffice (odt) with a Java model to generate a report and convert it…
Open source vulnerability DB and triage service.
Software Component Verification Standard (SCVS)
Collect, curate, and communicate relevant security metrics for open source projects.
Gives a criticality score for an open source project
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatab…
Build a local copy of Open Source Vulnerabilities; OSV. Server mode for easy querying.
Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
jackeyPeng / DevOps-1
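Forked from inspursoft/DevOps
Documents, tools, processes, and experience related to the CAICT (China Academy of Information and Communications Technology) DevOps capability maturity assessment and certification. Feel free to ask questions in the Issues section; we will answer as soon as possible.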
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST),…
WebGoat is a deliberately insecure application
pycrypto 2.6.1 windows 32-bit and 64-bit (x86 and amd64) installers for Python 3.4