- Oak Hill, VA
- https://infosec.exchange/@ctxt
- @ctxt
-
DependencyCheck Public
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
-
cyclonedx-gradle-plugin Public
Forked from CycloneDX/cyclonedx-gradle-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Java Apache License 2.0 Updated Dec 4, 2024
-
cyclonedx-core-java Public
Forked from CycloneDX/cyclonedx-core-java
CycloneDX SBOM Model and Utils for Creating and Validating BOMs
Java Apache License 2.0 Updated Dec 3, 2024
-
Open-Vulnerability-Project Public
Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnerabilities, etc.)
-
owasp-dependency-check-reproducer Public
Forked from daspilker/owasp-dependency-check-reproducer
Java Updated Oct 29, 2024
-
homebrew-core Public
Forked from Homebrew/homebrew-core
🍻 Default formulae for the missing package manager for macOS
-
class-file-format-rule Public archive
DEPRECATED: consider using org.codehaus.mojo:extra-enforcer-rules.
-
odc-falsepositives Public
throw away project to test dependency-check false positives
-
teller Public
Forked from tellerops/teller
Cloud native secrets management for developers - never leave your command line for secrets.
-
GrokAssembly Public
Forked from colezlaw/GrokAssembly
Mono/.NET Project to get information about an assembly. Primarily for OWASP Dependency Check
-
jcs3-slf4j Public
Log adapter for use with JCS3 to bind to slf4j.
-
guarddog Public
Forked from DataDog/guarddog
🐍 🔍 GuardDog is a CLI tool to Identify malicious PyPI and npm packages
Python Apache License 2.0 Updated Aug 22, 2023
-
musical-octo-carnival Public
A journey through the insecure defaults in GitHub Actions - wait who committed code to my repo?
-
malicious-dependencies Public
Demonstrates how a malicious dependency could negatively impact the build output.
-
hyades Public
Forked from DependencyTrack/hyades
Proof-of-concept for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services, based on Apache Kafka.
-
CPE-Parser Public
Forked from stevespringett/CPE-Parser
A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST
-
sbt-dependency-check Public
Forked from albuch/sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs).
Scala Apache License 2.0 Updated Feb 20, 2023
-
owasp-change.github.io Public
Forked from owasp-change/owasp-change.github.io
An Open Letter to the OWASP Board
Apache License 2.0 Updated Feb 11, 2023
-
semver4j Public
Forked from semver4j/semver4j
Semantic versioning for Java apps.
Java MIT License Updated Dec 15, 2022
-
commons-jcs Public
Forked from apache/commons-jcs
Apache Commons JCS
-
phosphor Public
Forked from gmu-swe/phosphor
Phosphor: Dynamic Taint Tracking for the JVM
-
delete-workflow-runs Public
Forked from Mattraks/delete-workflow-runs
An action to delete workflow runs in a repository.
-
ossinsight Public
Forked from pingcap/ossinsight
Open Source Software Insights - Analysis, Comparison, Trends, Rankings of Open Source Software. Follow us on Twitter: https://twitter.com/ossinsight
-
github-release-maven-plugin Public
Forked from RagedUnicorn/github-release-maven-plugin
Maven plugin for creating GitHub releases
-
Maven Resource Filter to remove whitespace from Velocity Templates.
-
gitgat Public
Forked from scribe-public/gitgat
Evaluate source control (GitHub) security posture