software-security

There are 126 repositories under software-security topic.

trickest/cve
Gather and update all available and newest CVEs with their PoC.
Language:HTML7.4k 375 52933
DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Language:Java3.4k 70 2.4k689
trickest/inventory
Asset inventory of over 800 public bug bounty programs.
Language:Shell1.5k 53 10267
dependency-check/dependency-check-sonar-plugin
Integrates Dependency-Check reports into SonarQube
Language:Java672 17 273144
DoS0x99/cyber-security-books
A collection of FREE cyber security books
557 11 5151
feicong/macbook
《macOS软件安全与逆向分析》随书源码
Language:Objective-C382 22 1587
Plailect/keyshuffling
Keyshuffling Attack for Persistent Early Code Execution in the Nintendo 3DS Secure Bootchain
Language:TeX328 136 06
albuch/sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:
Language:Scala269 10 8649
stevespringett/nist-data-mirror
A simple Java command-line utility to mirror the CVE JSON data from NIST.
Language:Java211 13 4290
trickest/find-gh-poc
Find CVE PoCs on GitHub
Language:Go155 4 1323
jenkinsci/dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Language:Java138 108 075
vishalgarg-sec/Software-Supply-Chain-Security
A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.
138 6 021
trickest/log4j
Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.
112 4 422
stevespringett/threatmodel-sdk
A Java library for parsing and programmatically using threat models
Language:Java81 16 924
OtherDevOpsGene/zap-sonar-plugin
Integrates OWASP Zed Attack Proxy reports into SonarQube
Language:HTML72 15 4631
SunLab-GMU/GraphSPD
The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, May 22-26, 2023.
Language:Shell48 7 119
stevespringett/vulndb-data-mirror
A simple Java command-line utility to mirror the entire contents of VulnDB.
Language:Java47 3 29
ramizebian/Software-Security
Solutions and discussions from the Software Security course on Coursera. Open for collaboration and knowledge sharing.
Language:C42 4 360
petrsocha/sicak
SIde-Channel Analysis toolKit: embedded security evaluation tools
Language:C++30 2 124
hakbot/hakbot-origin-controller
Vendor-Neutral Security Tool Automation Controller (over REST)
Language:Java28 5 2418
iosifache/ossfortress
Workshop for finding software vulnerabilities using open source tools, which includes a Goat-like Python and C application
Language:HTML27 5 05
AlBovo/Olicyber-WriteUps
This repository contains all the source code for the various writeups I have written over time of all the Olicyber editions I have participated in.
Language:Python24 1 01
fouzhe/security
software vulnerabilities
Language:C24 5 04
nMoncho/sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs).
Language:Scala24 1 12
OmarAlmighty/Coursera-Software-Security
Solutions to Software Security course provided by University of Maryland - Coursera
21 1 07
biniamf/data_obfuscation
Data Obfuscation for C/C++ Code Based on Residue Number Coding (RNC)
Language:C++20 3 13
trickest/packages
Automated compromise detection of the world's most popular packages
17 3 03
awsm-research/Awesome-AI4DevSecOps
This repository offers a detailed taxonomy of existing AI-driven security solutions tailored for DevSecOps, highlighting the current research challenges and suggesting future directions for the field. It serves as a resource for researchers, developers, and security professionals interested in the intersection of AI and DevSecOps.
163
paser-group/continuous-secsoft
Placeholder for course materials taught by Akond Rahman
Language:Puppet16 3 653
claire-lex/megagrep
Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directly but for places where you could manually find some.
Language:Python15 1 01
SoftwareCraftersSydney/events
Repository of events for the Software Crafters Sydney community
Language:JavaScript14 7 293
i-m-down-QQ/writeups
CTF Writeups Backup
13 0 00
Plailect/bootroms
Attacking the Nintendo 3DS Boot ROMs
Language:TeX13 3 01
Cottontail-Proj/cottontail
Cottontail is currently under review
110
Catalyzator/SEEDlab
My lab reports for some of the security labs developed by Prof. Du of SU.
10 0 02
feicong/macbook_issues
《macOS软件安全与逆向分析》勘误
10 2 238

software-security

trickest/cve

DependencyTrack/dependency-track

trickest/inventory

dependency-check/dependency-check-sonar-plugin

DoS0x99/cyber-security-books

feicong/macbook

Plailect/keyshuffling

albuch/sbt-dependency-check

stevespringett/nist-data-mirror

trickest/find-gh-poc

jenkinsci/dependency-check-plugin

vishalgarg-sec/Software-Supply-Chain-Security

trickest/log4j

stevespringett/threatmodel-sdk

OtherDevOpsGene/zap-sonar-plugin

SunLab-GMU/GraphSPD

stevespringett/vulndb-data-mirror

ramizebian/Software-Security

petrsocha/sicak

hakbot/hakbot-origin-controller

iosifache/ossfortress

AlBovo/Olicyber-WriteUps

fouzhe/security

nMoncho/sbt-dependency-check

OmarAlmighty/Coursera-Software-Security

biniamf/data_obfuscation

trickest/packages

awsm-research/Awesome-AI4DevSecOps

paser-group/continuous-secsoft

claire-lex/megagrep

SoftwareCraftersSydney/events

i-m-down-QQ/writeups

Plailect/bootroms

Cottontail-Proj/cottontail

Catalyzator/SEEDlab

feicong/macbook_issues