"topic:software-security" — Search

A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.

14422Updated 1 week ago

attestationscncfdependency-managementopen-source-securityopenssfowaspsbomslsasoftware-bill-of-materialsoftware-securitysoftware-supply-chain-securitysoftware-transparencysupply-chain-attackssupply-chain-securityvexvulnerability-management

jenkinsci/dependency-check-plugin

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

Java13974Updated 2 weeks ago

appseccomponent-analysisdevopsjenkins-pluginnvdowaspowasp-dependencychecksecuritysoftware-securityvisibilityvulnerabilities

trickest/log4j

Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.

11222Updated 4 months ago

bugbountycveexploithackinginfoseclog4jlog4shellpenetration-testingpentestingred-teamsecuritysecurity-toolssoftware-securitysoftware-vulnerabilitiessoftware-vulnerabilityvulnerabilitiesvulnerability

stevespringett/threatmodel-sdk

A Java library for parsing and programmatically using threat models

Java8224Updated 3 months ago

appsecjavajava-librarysdksecure-designsoftware-securitythreat-model

OtherDevOpsGene/zap-sonar-plugin

Integrates OWASP Zed Attack Proxy reports into SonarQube

HTML7331Updated 3 months ago

appsecdynamic-analysisowaspowasp-zapsecuritysoftware-securitysonar-pluginsonarqubezap

SunLab-GMU/GraphSPD

The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, May 22-26, 2023.

Shell4911Updated 1 month ago

code-analysisgraph-learninggraphspdml4codesecurity-patchsoftware-security

stevespringett/vulndb-data-mirror

A simple Java command-line utility to mirror the entire contents of VulnDB.

Java489Updated 1 month ago

appseccvejavascasoftware-composition-analysissoftware-securityvulndb

ramizebian/Software-Security

Solutions and discussions from the Software Security course on Coursera. Open for collaboration and knowledge sharing.

C4461Updated 2 weeks ago

cybersecuritysoftware-security

Cottontail-Proj/cottontail

Cottontail: A LLM-Driven Concolic Execution Engine (Accepted by IEEE S&P'26)

C++383Updated 6 days ago

memoryprogram-analysissoftware-engineeringsoftware-security

petrsocha/sicak

SIde-Channel Analysis toolKit: embedded security evaluation tools

C++305Updated 5 months ago

correlation-power-analysisdifferential-power-analysisembedded-securityembedded-systemshardware-hackinghardware-securitysecuritysecurity-automationsecurity-testingside-channelside-channel-attackssoftware-securitytest-vector-leakage-assesment

youpengl/OpenVul

OpenVul: An Open-Source Post-Training Framework for LLM-Based Vulnerability Detection

Python291Updated 1 day ago

code-securitylarge-language-modelssoftware-engineeringsoftware-securityvulnerability-analysisvulnerability-detectionvulnerability-managementvulnerability-reasoning

hakbot/hakbot-origin-controllerArchived

Vendor-Neutral Security Tool Automation Controller (over REST)

Java2818Updated 11 months ago

appsecappspiderautomationburpdevopsdynamic-analysisnessusrestsecuritysoftware-securitythreadfixwebinspectzap

iosifache/ossfortressArchived

Workshop for finding software vulnerabilities using open source tools, which includes a Goat-like Python and C application

HTML275Updated 7 months ago

open-sourcesoftware-securityworkshop

nMoncho/sbt-dependency-check

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs).

Scala273Updated 1 week ago

appseccvedevopsinfosecnvdowaspowasp-dependencychecksbtsbt-pluginscalasecuritysecurity-auditsecurity-automationsoftware-composition-analysissoftware-securitystatic-analysisvulnerabilitiesvulnerability-scanners

AlBovo/Holyciber-WriteUps

This repository contains all the source code for the various writeups I have written over time of all the Olicyber editions I have participated in.

Python261Updated 2 weeks ago

cryptographyctf-writeupsnetwork-securitypythonreverse-engineeringscriptingsoftware-securityweb-security

biniamf/data_obfuscation

Data Obfuscation for C/C++ Code Based on Residue Number Coding (RNC)

C++254Updated 4 days ago

compilerdata-obfuscationllvm-clangobfuscationobfuscatorreverse-engineeringsecurisecuritysecurity-toolssoftware-security

fouzhe/security

software vulnerabilities

C244Updated 1 year ago

fuzzsoftware-securitysoftware-vulnerabilities

AmirhosseinHonardoust/Python-Solidity-Feature-Engineering

A practical, research-friendly toolkit demonstrating how Python can read, parse, and analyze Solidity smart contracts using feature-engineering techniques. Extracts structural and security-relevant signals from Solidity code, detects risky patterns, builds interpretable features, and forms the basis for heuristic or ML-driven security analysis.

200Updated 2 weeks ago

auditing-toolsblockchaincode-analysisdata-sciencedeveloper-toolsethereumevmfeature-engineeringmachine-learningpythonrisk-analysissecuritysecurity-researchsmart-contract-securitysmart-contractssoftware-securitysoliditystatic-analysisstatic-code-analysisvulnerability-detection

OmarAlmighty/Coursera-Software-Security

Solutions to Software Security course provided by University of Maryland - Coursera

207Updated 3 months ago

badstorecourseraquizsoftware-security

Page 1 of 6