Repository navigation
sbom-generator
- Website
- Wikipedia
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
A suite of tools to automate software compliance checks.
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
A suite of utilities to help with software supply chain challenges on nix targets
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
Nix CycloneDX Software Bills of Materials (SBOMs)
sbomasm: The Complete SBOM Management Toolkit
Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Operators, K8s hooks, etc. with minimal coding and by automatically applying best practice methods like software supply chain security measures, SBOM, openAPI, cloudevents, etc. Auto generate code after defining requirements in UI as diagram.
Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.